The file MSIDFN32.DLL is identified as a virus dropper.
The dropper MSIDFN32.DLL is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
The file MSIDFN32.DLL loads into the computer memory and tries to connect to the dangerous web site.
Usually the MSIDFN32.DLL dropper does not infect the files on the computer and does not replicate itself on other computers.
Kill the MSIDFN32.DLL process and delete the file MSIDFN32.DLL.
Malware Analysis of MSIDFN32.DLL
Full path on a computer: %SysDir%\msidfn32.dll
Detected by UnHackMe:
MSIDFN32.DLL
Default location: %SysDir%\msidfn32.dll
Removal Results: Success
Number of reboot: 1
MSIDFN32.DLL is known as:
Trojan.Turla
MSIDFN32.DLL hash:
- MD5: 2b61e8a11749bfb55d21b5d8441de5c9
The file is used for downloading and installing other malware, Trojans, viruses by the commands received from the Command Center.
How to quickly detect MSIDFN32.DLL presence?
Registry:
- HKLM\System\CurrentControlSet\Services\tdn\ImagePath: “\??\%SysDir%\DRIVERS\tdn.sys”
- HKLM\System\CurrentControlSet\Services\tdn\DisplayName: “tdn”
Files:
- %Temp%\fwclt.exe
- %SysDir%\drivers\tdn.sys
- %SysDir%\commodule.dll
- %SysDir%\msidfn32.dll
- %SysDir%\winstat0.pdr
- %SysDir%\winview.ocx