VHO:Trojan-Downloader.Win32.Upatre.jgqr removal guide

VHO:Trojan-Downloader.Win32.Upatre.jgqr is the Kaspersky detection name for a sample that most other antivirus engines also flag as malicious (see the detection list below). When the infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial version allows a complete scan and cleanup of your PC.
6-day free trial available.

What can the VHO:Trojan-Downloader.Win32.Upatre.jgqr virus do?

Behaviours flagged by the CAPE sandbox analysis of this sample:
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Georgian
  • Authenticode signature is invalid
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization

How to identify VHO:Trojan-Downloader.Win32.Upatre.jgqr?

File Info:

name: 080D7E5446AF98328CC3.mlw
path: /opt/CAPEv2/storage/binaries/317cc699be4de5dfa8a2fe41817be5b3d5299d412587c49de838fae658094f07
crc32: 5D0AE186
md5: 080d7e5446af98328cc35363dc40be14
sha1: c943b24a8d71909af2a3ebed0695ac646d5070c4
sha256: 317cc699be4de5dfa8a2fe41817be5b3d5299d412587c49de838fae658094f07
sha512: d9a64db5d4a51763491402514a3ceb6761d6c1447f914c74c7a8d3accfede15f84c9c4cabcefcc83f4db01a605ccd9216e23fe06f37214bbea3510acebcecd70
ssdeep: 3072:2/XH6a/3y8UAOWMGALQBmBq4qgi1TuUKLanYH74+Akl:QaE3sAOWQA47i1qxLdH7r
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14F54CF1671C3D472C0A2057027718B659A7F6871373117BB67A7223EDFB06E0BAB478A
sha3_384: b82e4158318b1403190ca0e9ddda648bcae45cb7208da519dea89bfb2711d180b4d4951545ed30e6a46de10caeaafbb9
ep_bytes: e8183b0000e989feffff6a0aff15d410
timestamp: 2021-06-05 20:16:55

Version Info:

FileVersions: 9.1.2.1
Copyright: Copyright (C) 2022, soboklos
ProjectVersion: 74.85.66.75
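To hunt for this sample on a host or in a file share, the indicators in the File Info section can be checked programmatically rather than by eye. The following Python script is an added example for this page, not code from the article or from GridinSoft: it compares a file's md5/sha1/sha256 with the published values, parses the PE header by hand to read the compile timestamp and the 16 entry-point bytes (the ep_bytes field), and builds a constructed look-alike PE purely for the demo. All function and constant names are the example's own.

```python
"""Triage a suspect file against the indicators listed on this page.

Added example for this page, not code from the original article or from GridinSoft.
Standard library only, so it runs offline; the sample PE built for the demo is
constructed here and is not the real malware.
"""
import calendar
import hashlib
import struct
import time
from datetime import datetime, timezone

# Indicators copied from the File Info section of this page.
IOC_HASHES = {
    "md5": "080d7e5446af98328cc35363dc40be14",
    "sha1": "c943b24a8d71909af2a3ebed0695ac646d5070c4",
    "sha256": "317cc699be4de5dfa8a2fe41817be5b3d5299d412587c49de838fae658094f07",
}
IOC_EP_BYTES = bytes.fromhex("e8183b0000e989feffff6a0aff15d410")
IOC_TIMESTAMP = "2021-06-05 20:16:55"  # PE header TimeDateStamp, UTC


def ioc_timestamp_epoch() -> int:
    """The page's timestamp as a Unix epoch (UTC), the form stored in the PE header."""
    return calendar.timegm(time.strptime(IOC_TIMESTAMP, "%Y-%m-%d %H:%M:%S"))


def matching_hashes(data: bytes) -> list:
    """Names of the published hashes that match `data`; an empty list means no match."""
    return [name for name, value in IOC_HASHES.items()
            if hashlib.new(name, data).hexdigest() == value]


def pe_timestamp_and_ep_bytes(data: bytes, ep_len: int = 16):
    """Return (compile time 'YYYY-MM-DD HH:MM:SS' UTC, ep_len bytes at the entry point).

    Hand-parses the PE headers: e_lfanew -> COFF header (TimeDateStamp) -> optional
    header (AddressOfEntryPoint) -> section table, to map the entry-point RVA to a
    file offset. Returns None if `data` is not a PE file or the RVA maps nowhere.
    """
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    pe_off = struct.unpack_from("<I", data, 0x3C)[0]
    if data[pe_off:pe_off + 4] != b"PE\0\0":
        return None
    # COFF header: Machine, NumberOfSections, TimeDateStamp, PointerToSymbolTable,
    # NumberOfSymbols, SizeOfOptionalHeader, Characteristics
    _machine, nsections, stamp, _symptr, _nsyms, opt_size, _chars = \
        struct.unpack_from("<HHIIIHH", data, pe_off + 4)
    ep_rva = struct.unpack_from("<I", data, pe_off + 24 + 16)[0]  # AddressOfEntryPoint
    compiled = datetime.fromtimestamp(stamp, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S")
    sec_off = pe_off + 24 + opt_size
    for i in range(nsections):
        _name, vsize, va, rawsize, rawptr = struct.unpack_from("<8sIIII", data, sec_off + 40 * i)
        if va <= ep_rva < va + max(vsize, rawsize):
            file_off = rawptr + (ep_rva - va)
            return compiled, bytes(data[file_off:file_off + ep_len])
    return None


def triage(data: bytes) -> dict:
    """Compare one file against every indicator on the page."""
    hdr = pe_timestamp_and_ep_bytes(data)
    compiled, ep = hdr if hdr else (None, None)
    return {
        "hash_matches": matching_hashes(data),
        "timestamp": compiled,
        "ep_bytes": ep.hex() if ep else None,
        "timestamp_match": compiled == IOC_TIMESTAMP,
        "ep_match": ep == IOC_EP_BYTES,
    }


def build_minimal_pe(stamp: int, ep_bytes: bytes) -> bytes:
    """Constructed demo input: a minimal PE32 layout (headers plus one .text section).

    It is just enough for the parser above and is not an executable program.
    """
    pe_off, opt_size, ep_rva, raw_ptr = 0x40, 0xE0, 0x1000, 0x200
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", pe_off)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, stamp, 0, 0, opt_size, 0x102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)    # PE32 magic
    struct.pack_into("<I", opt, 16, ep_rva)  # AddressOfEntryPoint
    text = struct.pack("<8sIIII", b".text", 0x1000, ep_rva, 0x200, raw_ptr) + b"\0" * 16
    headers = (dos + coff + bytes(opt) + text).ljust(raw_ptr, b"\0")
    return headers + ep_bytes.ljust(0x200, b"\0")


if __name__ == "__main__":
    # A constructed file that shares only the timestamp and entry-point bytes with the
    # sample: the hashes do not match, which is how a repacked or re-signed variant looks.
    lookalike = build_minimal_pe(ioc_timestamp_epoch(), IOC_EP_BYTES)
    print(triage(lookalike))
```

A hash match identifies this exact file. The compile timestamp and entry-point bytes survive an appended Authenticode signature or a changed resource section but not repacking, so treat a timestamp or ep_bytes match on its own as a lead to confirm, not as proof.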

VHO:Trojan-Downloader.Win32.Upatre.jgqr also known as:

  • Bkav: W32.AIDetect.malware1
  • Elastic: malicious (high confidence)
  • FireEye: Generic.mg.080d7e5446af9832
  • McAfee: Artemis!080D7E5446AF
  • Cylance: Unsafe
  • Sangfor: Trojan.Win32.Save.a
  • Cybereason: malicious.a8d719
  • Symantec: ML.Attribute.HighConfidence
  • tehtris: Generic.Malware
  • APEX: Malicious
  • Kaspersky: VHO:Trojan-Downloader.Win32.Upatre.jgqr
  • Avast: CrypterX-gen [Trj]
  • Sophos: ML/PE-A
  • Trapmine: malicious.moderate.ml.score
  • SentinelOne: Static AI – Malicious PE
  • Google: Detected
  • Microsoft: Trojan:Win32/Sabsik.FL.B!ml
  • Cynet: Malicious (score: 100)
  • Acronis: suspicious
  • Rising: Malware.Obscure/Heur!1.A89F (CLASSIC)
  • Ikarus: Trojan.Win32.Ranumbot
  • MaxSecure: Trojan.Malware.300983.susgen
  • AVG: CrypterX-gen [Trj]
  • CrowdStrike: win/malicious_confidence_100% (W)

How to remove VHO:Trojan-Downloader.Win32.Upatre.jgqr?

VHO:Trojan-Downloader.Win32.Upatre.jgqr removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.