
Win32/Rootcip.W information


Win32/Rootcip.W is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Rootcip.W virus do?

  • Sample contains Overlay data
  • Authenticode signature is invalid

How to identify Win32/Rootcip.W?


File Info:

name: CC1B1D24E140C4E1FB8F.mlw
path: /opt/CAPEv2/storage/binaries/4fe7063387434941becd3f9b303509a12bc77642e94480faa7e1d4f37553c944
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2007-04-17 10:08:12

Version Info:

0: [No Data]

Win32/Rootcip.W also known as:

FireEye: Generic.mg.cc1b1d24e140c4e1
McAfee: Artemis!CC1B1D24E140
Sangfor: Trojan.Win32.Save.a
BitDefenderTheta: Gen:NN.ZexaF.34806.grZ@aOwwcj
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Rootcip.W
ClamAV: Win.Trojan.Inject-47
Kaspersky: UDS:Trojan.Win32.GenericML.xnet
Rising: Trojan.Generic@AI.81 (RDMK:cmRtazrx+dguKsuwYLnhVB8wvGg5)
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Trapmine: malicious.moderate.ml.score
Sophos: ML/PE-A + Mal/Behav-009
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.330C
Microsoft: Trojan:Win32/Sabsik.FT.A!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Inject.C14751
VBA32: BScope.Downloader.Agent
Cylance: Unsafe
AVG: Win32:Riler-M [Trj]
Cybereason: malicious.2ff7f3
Avast: Win32:Riler-M [Trj]

How to remove Win32/Rootcip.W?

Win32/Rootcip.W removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
