Trojan.Simda.gen!A
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 16,354 |
| Threat Level: | 80 % (High) |
| Infected Computers: | 605 |
| First Seen: | December 7, 2011 |
| Last Seen: | August 30, 2023 |
| OS(es) Affected: | Windows |
Trojan.Simda.gen!A is a dangerous kernel mode rootkit infection that is quite difficult to detect and remove. ESG security researchers have associated the Trojan.Simda.gen!A rootkit with various browser hijackers. This rootkit also creates a backdoor into the infected computer, allowing criminals to gain access to the victim's computer from a remote location. Using Trojan.Simda.gen!A, criminals can spy on your activities, steal private information or install other malware on your computer. ESG security researchers advise removing Trojan.Simda.gen!A with a reliable anti-malware program. Unfortunately, Trojan.Simda.gen!A has advanced features that often make it very difficult to remove without a specialized tool, even when using Windows' Safe Mode. ESG malware analysts recommend using a specialized anti-rootkit application in order to ensure that all traces of Trojan.Simda.gen!A are removed from your computer. Trojan.Simda.gen!A poses a severe threat to your computer and Trojan.Simda.gen!A should be removed immediately.
Trojan.Simda.gen!A is one of the many Trojans that belong to the Simda family of malware. This is a large family of rootkits and Trojan infections used to install a backdoor into their victim's computers. There are often numerous components involved in a Simda-related malware attack. Because of this, Trojan.Simda.gen!A will seldom attack alone and will often be associated with additional malware threats on the infected computer. While Trojan.Simda.gen!A itself will rarely cause symptoms on the victim's computer, its associated malware components will frequently cause problems that will point to the presence of Trojan.Simda.gen!A on the infected computer. The two most common problems associated with the presence of Trojan.Simda.gen!A are listed below:
- Trojan.Simda.gen!A is closely associated with browser hijackers. Because of this, computers infected with Trojan.Simda.gen!A may present frequent browser redirects, often leading computer users to phishing websites or to websites that promote known malware or carry out common online scams.
- Trojan.Simda.gen!A will also create a backdoor on the victim's computer. If you detect suspicious network activity, it may be Trojan.Simda.gen!A connecting to a remote server in order to be given instructions from its command and control server through its backdoor.
Due to the way Trojan.Simda.gen!A can backup and reinstall itself, advanced removal techniques may be necessary in order to remove Trojan.Simda.gen!A completely. ESG malware researchers advise using only the most powerful anti-malware software available to scan your infected computer. It is also highly recommended starting up Windows and to scan the infected computer from a source that has not been compromised, such as a shared network drive or an external memory drive.
Table of Contents
Aliases
15 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| McAfee | Artemis!F1202B91EAFC |
| Fortinet | W32/SimdaM!tr |
| AntiVir | TR/Agent.265688 |
| McAfee | Artemis!1DB2E1E5D82F |
| AVG | Crypt.BAOV |
| AntiVir | TR/Crypt.XPACK.Gen |
| Sophos | Mal/Generic-S |
| McAfee | Artemis!35723C5D6CFA |
| McAfee | TDSS |
| Fortinet | W32/RLoader.A!tr |
| Sophos | Troj/Agent-VVB |
| Symantec | Trojan.Rloader!inf |
| F-Prot | W32/Backdoor2.HKNO |
| K7AntiVirus | Backdoor |
| McAfee | Generic Rootkit.el |
SpyHunter Detects & Remove Trojan.Simda.gen!A
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | 5689.sys | 31cb3ce3387a7b27678a90f95f3eb4ec | 125 |
| 2. | 5689.sys | 2eeed6a3617d64374d70a6207d6ab554 | 112 |
| 3. | privacy.exe | f80f4835b6c4c1b798df4a858499e973 | 11 |
| 4. | privacy.exe | a8f879c74d734e4f7267749670b28e81 | 10 |
| 5. | sqlesw32.dll | 0215517550578032dbaf397542224388 | 8 |
| 6. | sqlcsw32.dll | b1a8f163e54e5eb0b8e08a7d21793f2b | 7 |
| 7. | privacy.exe | a3249920ff48ff18a3067afd89272905 | 6 |
| 8. | setup.exe | 8b72db84bb9ef91c7a9f49f8e1d68183 | 5 |
| 9. | 5689.sys | 98ff2256f227f62add31aab4c010fadf | 5 |
| 10. | 5689.sys | 50d7d0ec61ab56a5d249dff4a801d279 | 4 |
| 11. | ACPI.sys | dcce754e13fe7daa579d8f906cf3b388 | 4 |
| 12. | acpi.sys | 1db2e1e5d82fcf97145750c9afb6267b | 4 |
| 13. | 5728.sys | 1a06c9791693b66fc6557a6c32aaf516 | 2 |
| 14. | 5016.sys | 8359f0e9b29334e49252908c4d1b9ae7 | 2 |
| 15. | 5016.sys | 9538a47443ec5999b490e68b46ab944d | 2 |
| 16. | Wdf01000.sys | 882877a8b2c541ebe46620ee5f7fc385 | 2 |
| 17. | ACPI.sys | b981db4f6c4ce82bf0988a8fe901ea96 | 2 |
| 18. | ACPI.sys | ea38c961260f29295c6d03070fa9d0b5 | 2 |
| 19. | Wdf01000.sys | 6ed4faa0734a392d0fa7d78502a68db8 | 2 |
| 20. | ACPI.sys | 78dba80f47dcdf4010d9581e9cd26298 | 2 |
| 21. | ARQ5oKqj9YW2bJ.exe | c31bf1bf01ca7b5f3ea5885d7639c946 | 1 |
| 22. | jrzplm1gJUM5NX.exe | 5b6e473a38c5d66ab9240bfdfc5bd916 | 1 |
| 23. | 5689.sys | c21d107624298311ca78f15c0e457440 | 1 |
| 24. | 8039.sys | a00f501b7134930fceeb8f7a53d9c382 | 1 |
| 25. | 8050.sys | 0e5ed1dc5d8b8f0a030278768b7c10e6 | 1 |
| 26. | 8007.sys | 3d1d026ddc1385926dd3a721ab4b287c | 1 |
| 27. | 5613.sys | 35723c5d6cfa1166984aac1cb35f6b53 | 1 |
| 28. | 5689.sys | 10028a21f2912b7a9b101251fd367c10 | 1 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.