About “Application.DealAgent.BGR” infection

Application.DealAgent.BGR is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Application.DealAgent.BGR virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Crashed cuckoomon during analysis. Report this error to the Github repo.
  • Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Application.DealAgent.BGR?


File Info:

crc32: 6388F334
md5: 8be263d823b8f80d743f1c1aa10a50d5
name: 8BE263D823B8F80D743F1C1AA10A50D5.mlw
sha1: 63f41eec12c70d042303fd5366e99783a696e666
sha256: 1a5f6afa784b8cc2346b53026a686eff3eda969a44696ff7e78e802bef5728cc
sha512: c7a4d83b62007d3dbd55d19e0fd83fe0643fb0938abcb2bd54b67a4929d5bd068d67e4401d60a951b4c4404a9780f103b616c5d4f5c67bdd9e80208abed5c804
ssdeep: 24576:AVsw6tP3goFjj/izzX38BDI2D6tP/5Gkz9lEBmYT0YMVDGoCoDygRs79:ASPtP3g+GzsBMdP/5xzPUmYT0fg2i
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName:
Comments: This installation was built with Inno Setup.
ProductName: Fomilagat
ProductVersion: 2.4.7
FileDescription: Fomilagat Setup
Translation: 0x0000 0x04b0

Application.DealAgent.BGR also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
ClamAV: Win.Trojan.Agent-6458981-0
McAfee: Artemis!8BE263D823B8
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
BitDefender: Application.DealAgent.BGR
Cybereason: malicious.823b8f
Symantec: PUA.InstallCore
ESET-NOD32: Win32/InstallCore.Gen.A potentially unwanted
Kaspersky: not-a-virus:UDS:AdWare.Win32.DealPly.heur
Alibaba: AdWare:Win32/InstallCore.d23bbfb0
NANO-Antivirus: Virus.Win32.Gen.ccmw
MicroWorld-eScan: Application.DealAgent.BGR
Ad-Aware: Application.DealAgent.BGR
Sophos: QPDownload Download Manager (PUA)
Comodo: Malware@#2xru5jo45ywoy
McAfee-GW-Edition: BehavesLike.Win32.PUPInstaller.tc
FireEye: Generic.mg.8be263d823b8f80d
Emsisoft: Application.DealAgent.BGR (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: AdWare.DealPly.pajv
Webroot: W32.Adware.Gen
Microsoft: Trojan:Win32/Wacatac.A!ml
GData: Win32.Application.InstallCore.LR@gen
AhnLab-V3: PUP/Win32.DealPly.C4073147
VBA32: TScope.Malware-Cryptor.SB
MAX: malware (ai score=71)
Malwarebytes: PUP.Optional.BundleInstaller
Rising: Adware.InstallCore!1.AB2C (CLASSIC)

How to remove Application.DealAgent.BGR?

Application.DealAgent.BGR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.