Trojan

Win32/TrojanDropper.Small.NMM removal guide

Malware Removal

The Win32/TrojanDropper.Small.NMM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win32/TrojanDropper.Small.NMM virus can do?

  • Unconventionial binary language: Russian
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Win32/TrojanDropper.Small.NMM?



File Info:

crc32: B5091EA7
md5: b2b3e0001601af03ee8633a1f9df0ff4
name: hack123.exe
sha1: 3527a5341d8e46d88bb6b13f7a49a024aa5f636d
sha256: 33bbd30dd15c5c99edaba8759f8bc16db3de2f89a844058cc0cccbf4c5f80003
sha512: 18c9ed1e4e92089011f3f47430c33d2f50fdc3d59f77dcce1dd0b448f13a6d2a063f4ea51e2e6976d3fdef5b36b32ee6c66bdcddc59d7b03183320ade2a57240
ssdeep: 49152:XqNYJiUYJmi8cHeGqIFsl6LVnAxYPkwblBCe+JrbvIB1TvZ9RLImPi1X:XmGI+dlgVAxZwbCDb+1TvBIFx
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

LegalCopyright: ROSTPAY LTD. All rights reserved.
InternalName: DriverHub.exe
FileVersion: 1.1.2.1563
CompanyName: ROSTPAY LTD
ProductName: DriverHub
ProductVersion: 1.1.2.1563
FileDescription: DriverHub
OriginalFilename: DriverHub.exe
Translation: 0x0419 0x04b0

Win32/TrojanDropper.Small.NMM also known as:

BkavW32.AIDetectVM.malware2
MicroWorld-eScanTrojan.MSIL.Injector.MF
FireEyeGeneric.mg.b2b3e0001601af03
CAT-QuickHealVirtool.Vbinder.A4
Qihoo-360HEUR/QVM20.1.86EF.Malware.Gen
ALYacTrojan.MSIL.Injector.MF
MalwarebytesBackdoor.Dropper
VIPREDetect.Trojan.Win32.Small.nmm (v)
SangforMalware
K7AntiVirusBackdoor ( 0040f6fb1 )
BitDefenderTrojan.MSIL.Injector.MF
K7GWBackdoor ( 0040f6fb1 )
Cybereasonmalicious.01601a
Invinceaheuristic
BitDefenderThetaAI:Packer.6A3B57511E
CyrenW32/GenTroj.S.gen!Eldorado
SymantecTrojan.Dropper!g1
BaiduWin32.Trojan-Dropper.Small.o
APEXMalicious
AvastWin32:GenMalicious-NUS [Trj]
ClamAVWin.Trojan.Poison-8692
GDataWin32.Trojan-Dropper.Agent.AMY
KasperskyBackdoor.Win32.Poison.ggrf
NANO-AntivirusTrojan.Win32.Poison.cbeljp
ViRobotBackdoor.Win32.Agent.67584.L
TencentMalware.Win32.Gencirc.10b3e7f9
Ad-AwareTrojan.MSIL.Injector.MF
SophosTroj/Vbinder-D
ComodoTrojWare.Win32.Ransom.Xorist.ET@4mg4hg
F-SecureHeuristic.HEUR/AGEN.1114161
DrWebTrojan.MulDrop8.22787
TrendMicroTROJ_VBINDER.SM
McAfee-GW-EditionBehavesLike.Win32.Generic.vc
Trapminemalicious.high.ml.score
CMCBackdoor.Win32.Poison!O
EmsisoftTrojan.MSIL.Injector.MF (B)
IkarusBackdoor.Poison
F-ProtW32/GenTroj.S.gen!Eldorado
JiangminBackdoor/Poison.abtg
WebrootW32.Dropper.Gen
AviraHEUR/AGEN.1114161
Endgamemalicious (high confidence)
ArcabitTrojan.MSIL.Injector.MF
ZoneAlarmBackdoor.Win32.Poison.ggrf
MicrosoftVirTool:Win32/Vbinder
TACHYONBackdoor/W32.Poison.2254848
AhnLab-V3Backdoor/Win32.Poison.R72119
Acronissuspicious
McAfeeGenericRXAC-LG!B2B3E0001601
MAXmalware (ai score=88)
VBA32Backdoor.Poison
CylanceUnsafe
PandaTrj/Injector.BH
ESET-NOD32Win32/TrojanDropper.Small.NMM
TrendMicro-HouseCallTROJ_VBINDER.SM
RisingMalware.Heuristic!ET#100% (RDMK:cmRtazqbAQNGlIZ9uaP6tTq6dxsk)
YandexTrojan.Oxij.Gen.LA
SentinelOneDFI – Suspicious PE
eGambitUnsafe.AI_Score_98%
FortinetW32/Xorist.ET!tr
AVGWin32:GenMalicious-NUS [Trj]
CrowdStrikewin/malicious_confidence_80% (D)

How to remove Win32/TrojanDropper.Small.NMM?

Win32/TrojanDropper.Small.NMM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment