Should I remove “Backdoor.Win32.Agent.myunwl”?

Backdoor.Win32.Agent.myunwl is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.Win32.Agent.myunwl virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Unconventional binary language: Portuguese (Brazil)
  • Unconventional language used in binary resources: Portuguese (Brazilian)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Backdoor.Win32.Agent.myunwl?


File Info:

name: 4979F3A31CFF6D0F420B.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName: HP Printers
FileDescription: Utility printer driver
FileVersion: 1.0.0.51
InternalName:
LegalCopyright:
LegalTrademarks: HP Printers
OriginalFilename:
ProductName:
ProductVersion: 1.0.0.0
Translation: 0x0416 0x04e4

Backdoor.Win32.Agent.myunwl also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Agent.Y!c
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.Spy.Banker.ADEF
FireEye: Generic.mg.4979f3a31cff6d0f
CAT-QuickHeal: Trojan.GenericPMF.S23351721
McAfee: PWS-Banker.gen.ez
Malwarebytes: Banker.Trojan.Stealer.DDS
Zillya: Trojan.Agent.Win32.148927
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Spyware ( 0026b47a1 )
Alibaba: Malware:Win32/km_2e2d0ea.None
K7GW: Spyware ( 0026b47a1 )
CrowdStrike: win/malicious_confidence_100% (W)
VirIT: Trojan.Win32.SHeur3.CHUC
Cyren: W32/Banker.V.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Spy.Banker.WGA
APEX: Malicious
ClamAV: Win.Trojan.Netmail-9844910-0
Kaspersky: Backdoor.Win32.Agent.myunwl
BitDefender: Trojan.Spy.Banker.ADEF
NANO-Antivirus: Trojan.Win32.Agent.dpnib
ViRobot: Trojan.Win32.A.Agent.1050112.A
Avast: Win32:BankerX-gen [Trj]
Rising: Ransom.Blocker!8.12A (TFE:4:iWNbawThGVF)
Emsisoft: Trojan.Spy.Banker.ADEF (B)
F-Secure: Dropper.DR/Delphi.Gen
DrWeb: Trojan.MulDrop7.21669
VIPRE: Trojan.Spy.Banker.ADEF
TrendMicro: TrojanSpy.Win32.BANKER.SMTH
McAfee-GW-Edition: BehavesLike.Win32.PWSBanker.th
Sophos: Troj/Agent-BCNT
SentinelOne: Static AI – Malicious PE
GData: Win32.Trojan-Stealer.Banker.AK
Jiangmin: Trojan/Agent.ergo
Avira: DR/Delphi.Gen
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Win32.Agent
Xcitium: TrojWare.Win32.Spy.Banker.VIS@8ekceg
Arcabit: Trojan.Spy.Banker.ADEF
ZoneAlarm: Backdoor.Win32.Agent.myunwl
Microsoft: TrojanSpy:Win32/Banker
Cynet: Malicious (score: 100)
AhnLab-V3: Worm/Win.Banker.X2182
VBA32: Trojan.Runner.4705
ALYac: Trojan.Spy.Banker.ADEF
Cylance: unsafe
Panda: Generic Malware
Zoner: Trojan.Win32.79693
TrendMicro-HouseCall: TrojanSpy.Win32.BANKER.SMTH
Tencent: Trojan.Win32.Blocker.wf
Ikarus: Trojan-Banker.Win32.Delf
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Banker.WGA!tr.spy
BitDefenderTheta: Gen:NN.ZelphiF.36196.pL3@aWBVSPeG
AVG: Win32:BankerX-gen [Trj]
Cybereason: malicious.31cff6
DeepInstinct: MALICIOUS

How to remove Backdoor.Win32.Agent.myunwl?

Backdoor.Win32.Agent.myunwl removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.