Backdoor.Win32.Agent.myuciz malicious file

Backdoor.Win32.Agent.myuciz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Agent.myuciz virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • A process created a hidden window
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Attempts to modify browser security settings
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Backdoor.Win32.Agent.myuciz?


File Info:

name: 8280F2C716831DD95234.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-07-06 06:53:27

Version Info:

FileVersion: 1.0.0.0
ProductVersion: 1.0.0.0
Unity Version: 2017.4.5f1_89d1db9cb682
Translation: 0x0804 0x04b0
FileDescription: Skype
ProductName: Skype
CompanyName: Skype
LegalCopyright: Skype
Comments: Skype

Backdoor.Win32.Agent.myuciz also known as:

Lionic: Trojan.Win32.Agent.m!c
Elastic: malicious (high confidence)
DrWeb: JS.DownLoader.5738
MicroWorld-eScan: Trojan.GenericKD.46591036
FireEye: Trojan.GenericKD.46591036
McAfee: Artemis!8280F2C71683
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Backdoor.Win32.Agent.myuciz
CrowdStrike: win/malicious_confidence_60% (W)
Alibaba: Backdoor:Win32/Spyware.92a890cb
K7AntiVirus: Adware ( 005070c51 )
BitDefenderTheta: Gen:NN.ZexaCO.34182.5j1aaiqw1zbj
Cyren: W32/Trojan.PVXS-1510
Symantec: Spyware.Ardakey
ESET-NOD32: a variant of Win32/Packed.BlackMoon.A potentially unwanted
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Backdoor.Win32.Agent.myuciz
BitDefender: Trojan.GenericKD.46591036
NANO-Antivirus: Trojan.Win32.Farfli.ixmlck
Tencent: Win32.Backdoor.Agent.Dzjk
Ad-Aware: Trojan.GenericKD.46591036
Sophos: Generic PUA FC (PUA)
Zillya: Backdoor.Agent.Win32.80599
TrendMicro: TROJ_GEN.R002C0OB222
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Emsisoft: Trojan.GenericKD.46591036 (B)
Ikarus: Virus.Win32.Sality
GData: Trojan.GenericKD.46591036
Jiangmin: Trojan/Mepaow.bve
Webroot: W32.Malware.Gen
Avira: HEUR/AGEN.1143897
Antiy-AVL: Trojan/Generic.ASCommon.218
Gridinsoft: Ransom.Win32.Miner.sa
Microsoft: Trojan:Win32/Ymacco.AB6E
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4544150
VBA32: Backdoor.Agent
ALYac: Trojan.GenericKD.46591036
MAX: malware (ai score=81)
TrendMicro-HouseCall: TROJ_GEN.R002C0OB222
Rising: Virus.Sality!8.35A (CLOUD)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.119433591.susgen
Fortinet: W32/CoinMiner.WP!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen

How to remove Backdoor.Win32.Agent.myuciz?

Backdoor.Win32.Agent.myuciz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
