
What is “Backdoor.BAT.Agent”?


Backdoor.BAT.Agent is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Backdoor.BAT.Agent virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • A ping command was executed with the -n argument possibly to delay analysis
  • Uses Windows utilities for basic functionality
  • Uses suspicious command line tools or Windows utilities

How to identify Backdoor.BAT.Agent?


File Info:

name: 2F69BE28FB8F22DBBB9A.mlw
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2013-01-27 18:50:40

Version Info:

0: [No Data]

Backdoor.BAT.Agent is also known as:

Zillya: Backdoor.DarkKomet.Win32.7488
Cyren: W32/BitCoinMiner.THWS-5168
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.DarkKomet-366
NANO-Antivirus: Trojan.Win32.Poison.cwvawg
McAfee-GW-Edition: Artemis
Ikarus: Backdoor.BAT.Agent
Jiangmin: Backdoor/BAT.ba
Microsoft: Trojan:Win32/Zpevdo.B
McAfee: Artemis!2F69BE28FB8F
VBA32: Backdoor.BAT.Agent
Malwarebytes: Trojan.Crypt
Rising: Malware.Agent!1.9F77 (CLASSIC)
SentinelOne: Static AI – Suspicious PE

How to remove Backdoor.BAT.Agent?

Backdoor.BAT.Agent removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
