Backdoor.Win32.Agent.myuciw information

Backdoor.Win32.Agent.myuciw is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Agent.myuciw virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Backdoor.Win32.Agent.myuciw?

File Info:

name: 072BE014D1FAA67C4EDC.mlw
path: /opt/CAPEv2/storage/binaries/e833dd3329c5dacdb7433a2ec4e5d18b9916e6702c5aded4126ae69a07f2b173
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-07-06 05:20:24

Version Info:

FileVersion: 1.0.0.0
ProductVersion: 1.0.0.0
Unity Version: 2017.4.5f1_89d1db9cb682
Translation: 0x0804 0x04b0
FileDescription: Skype
ProductName: Skype
CompanyName: Skype
LegalCopyright: Skype
Comments: Skype

Backdoor.Win32.Agent.myuciw also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Agent.m!c
Elastic: malicious (high confidence)
DrWeb: JS.DownLoader.5738
MicroWorld-eScan: Trojan.GenericKD.46590681
FireEye: Trojan.GenericKD.46590681
McAfee: Artemis!072BE014D1FA
Cylance: Unsafe
Zillya: Backdoor.Agent.Win32.80601
K7AntiVirus: Adware ( 005070c51 )
Alibaba: Backdoor:Win32/Spyware.08295169
CrowdStrike: win/malicious_confidence_60% (W)
BitDefenderTheta: Gen:NN.ZexaCO.34182.5j1aaqWUdLpj
Cyren: W32/Trojan.EGSL-6822
Symantec: Spyware.Ardakey
ESET-NOD32: a variant of Win32/Packed.BlackMoon.A potentially unwanted
Paloalto: generic.ml
Kaspersky: Backdoor.Win32.Agent.myuciw
BitDefender: Trojan.GenericKD.46590681
NANO-Antivirus: Trojan.Win32.Farfli.ixhgxt
Rising: Virus.Sality!8.35A (CLOUD)
Ad-Aware: Trojan.GenericKD.46590681
Sophos: Generic PUA PD (PUA)
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
SentinelOne: Static AI – Malicious PE
Emsisoft: Trojan.GenericKD.46590681 (B)
Ikarus: Virus.Win32.Sality
GData: Trojan.GenericKD.46590681
Jiangmin: Trojan/Mepaow.bve
Webroot: W32.Malware.Gen
Avira: HEUR/AGEN.1143897
Antiy-AVL: Trojan/Generic.ASCommon.218
Arcabit: Trojan.Generic.D2C6EAD9
ZoneAlarm: Backdoor.Win32.Agent.myuciw
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4544150
VBA32: Backdoor.Agent
ALYac: Trojan.GenericKD.46590681
APEX: Malicious
Tencent: Win32.Backdoor.Agent.Dlb
MAX: malware (ai score=80)
MaxSecure: Trojan.Malware.119433541.susgen
Fortinet: W32/CoinMiner.WP!tr
AVG: Win32:Malware-gen
Cybereason: malicious.1e620c
Avast: Win32:Malware-gen

How to remove Backdoor.Win32.Agent.myuciw?

Backdoor.Win32.Agent.myuciw removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.