How to remove “Win32/RemoteAdmin.NetCat.AA potentially unsafe”?

Win32/RemoteAdmin.NetCat.AA potentially unsafe is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/RemoteAdmin.NetCat.AA potentially unsafe virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics

How to determine Win32/RemoteAdmin.NetCat.AA potentially unsafe?


File Info:

name: 45D57F41DB7D0BEAE35E.mlw
path: /opt/CAPEv2/storage/binaries/46d3fc28c1b51832efda3d1b381da9831ddf63e5145b5bbc1ded43e5c12bd9de
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-08-29 07:57:40

Version Info:

0: [No Data]

Win32/RemoteAdmin.NetCat.AA potentially unsafe also known as:

Lionic: Riskware.Win32.NetCat.1!c
Elastic: malicious (high confidence)
CAT-QuickHeal: Trojan.GenericPMF.S519521
Skyhigh: Tool-NetCat.g
McAfee: Artemis!45D57F41DB7D
Cylance: unsafe
Zillya: Tool.NetCat.Win32.98
Sangfor: Trojan.Win32.Netcat.Vdmh
K7GW: Unwanted-Program ( 004d38111 )
K7AntiVirus: Unwanted-Program ( 004d38111 )
Symantec: Trojan.Gen.6
ESET-NOD32: Win32/RemoteAdmin.NetCat.AA potentially unsafe
Zoner: Trojan.Win32.38913
Avast: Win32:Neptunia-AGN [PUP]
Kaspersky: not-a-virus:RemoteAdmin.Win32.NetCat.a
NANO-Antivirus: Trojan.Win32.RemoteAdmin.kbprxg
Sophos: NetCat (PUA)
Paloalto: generic.ml
Webroot: W32.HackTool.Gen
Varist: W32/Tool.MYIN-3004
Antiy-AVL: RiskWare[RemoteAdmin]/Win32.NetCat.a
Microsoft: HackTool:Win32/NetCat!MSR
Xcitium: ApplicUnsaf.Win32.RemoteAdmin.NetCat.~AA@fy52
ZoneAlarm: not-a-virus:RemoteAdmin.Win32.NetCat.a
Google: Detected
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/CI.A
Rising: HackTool.NetCat!1.BBDD (CLASSIC)
Fortinet: Riskware/NetCat
AVG: Win32:Neptunia-AGN [PUP]
DeepInstinct: MALICIOUS

How to remove Win32/RemoteAdmin.NetCat.AA potentially unsafe?

Win32/RemoteAdmin.NetCat.AA potentially unsafe removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
