BITTER is a lesser-known Advanced Persistent Threat (APT) group whose campaigns generally target Chinese and Pakistani institutions. It is suspected that BITTER may originate from the South Asia region, but this has yet to be proven for certain. The first activities of the BITTER hacking group were sighted in 2015, and since then they have been using the same Trojan downloader in many of their campaigns, the ArtraDownloader (also referred to as ArtraDownloader malware). Of course, the ArtraDownloader has undergone many updates over the years, and it now packs multiple components that allow it to evade virtual environments, hide from security applications, and get past security measures to download further harmful threats. Often, the ArtraDownloader has been used in combination with the BitterRAT, a Remote Access Trojan that is linked to many of BITTER’s operations.
Basic ‘Double Extension’ Trick may be Used to Disguise Corrupted Executable
The ArtraDownloader appears to be distributed to victims via two methods: either with the help of a macro-laced document that is delivered as an email attachment, or via a file that uses a double extension (e.g. ‘.doc.exe’). Depending on the Windows settings, users may see only the ‘.doc’ extension and believe that they are about to open a document, but in reality they will execute a malicious file.
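A defender can check download or attachment folders for this naming pattern. The following is an added example, not part of the original article; the extension lists, the sample file names and the function names `is_double_extension` and `scan_tree` are assumptions chosen for illustration.

```python
import os

# Assumed lists for illustration; adjust them to your environment.
DECOY_EXTS = {"doc", "docx", "rtf", "pdf", "xls", "xlsx", "ppt", "pptx", "txt", "jpg", "png"}
EXEC_EXTS = {"exe", "scr", "com", "pif", "bat", "cmd", "js", "vbs", "hta", "lnk"}


def is_double_extension(name: str) -> bool:
    """True when a document-like extension is directly followed by an executable one."""
    # Accept either a bare file name or a full Windows/POSIX path.
    base = name.replace("/", "\\").rsplit("\\", 1)[-1]
    # Windows ignores trailing dots and spaces in file names, so normalize first.
    parts = base.rstrip(". ").lower().split(".")
    if len(parts) < 3:  # need name + decoy extension + real extension
        return False
    return parts[-1] in EXEC_EXTS and parts[-2] in DECOY_EXTS


def scan_tree(root: str) -> list:
    """Return the sorted paths under root whose file name uses a double extension."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        hits.extend(os.path.join(dirpath, f) for f in files if is_double_extension(f))
    return sorted(hits)


# Constructed sample names, not taken from any real campaign.
SAMPLE_NAMES = [
    "Invoice_2019.doc.exe",   # flagged: decoy .doc, real .exe
    "Photo.JPG.scr",          # flagged: matching is case-insensitive
    "report.final.doc",       # not flagged: real extension is .doc
    "setup.exe",              # not flagged: single extension
    "notes.v2.txt",           # not flagged: no executable extension
]

if __name__ == "__main__":
    for sample in SAMPLE_NAMES:
        verdict = "SUSPICIOUS" if is_double_extension(sample) else "ok"
        print(f"{verdict:10} {sample}")
```

Run `scan_tree` against a mail attachment store or a user's Downloads directory and review every returned path before opening it.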
Once the ArtraDownloader runs, it will carry out anti-sandbox checks, and then move on to initiate an HTTP request to the attacker's Command & Control server to fetch the payload. Interestingly, the payload is hosted on URLs that appear to be legitimate Pakistani or Chinese websites that seem to have been compromised by the BITTER APT group. So far, the ArtraDownloader is known to download certain RAT variants exclusively.
Making sure that your machines are up-to-date and protected by anti-malware software should be sufficient to prevent attacks carried out with ArtraDownloader or related threats.
Manual ArtraDownloader Removal Instructions.
Delete ArtraDownloader related applications
Uninstall from Windows 7 and Windows Vista
- Click Start and go to Control Panel.
- Choose Uninstall a program and uninstall ArtraDownloader.
Uninstall from Windows XP
- Open the Start menu and access Control Panel.
- Select Add or Remove programs and remove ArtraDownloader.
Uninstall from Windows 8
- Press Windows key + R simultaneously and type in Control Panel.
- Tap Enter and navigate to Uninstall a program.
- Find the undesirable application and uninstall ArtraDownloader.
Delete ArtraDownloader from your browsers
Remove ArtraDownloader from Internet Explorer
- Launch Internet Explorer and choose Gear icon.
- Open Manage add-ons and delete the undesirable extensions.
- Click Gear icon again and go to Internet Options.
- In the General tab, replace the current home page with the one you prefer.
- Click OK.
- Click Gear icon one more time and access Internet Options.
- Move to the Advanced tab and select Reset.
- Mark the box and tap Reset again.
Remove ArtraDownloader from Mozilla Firefox
- Start your browser and open the menu.
- Select Add-ons and navigate to the Extensions.
- Remove the unwanted extensions from the list.
- Press Alt+H simultaneously.
- Choose Troubleshooting information and tap Reset.
- When the new dialog box appears, tap Reset again.
Remove ArtraDownloader from Google Chrome
- Launch your browser and open the menu.
- Choose Tools and go to Extensions.
- Select the undesirable add-on and tap Trash icon next to it.
- Access menu again and move to Settings.
- Click Manage Search engines under Search and delete the current search engine.
- Choose a new search tool.
- Open Settings and click Show Advanced settings.
- Tap Reset browser settings and then tap Reset one more time to confirm your action.