Fake Trojan

BScope.TrojanFakeAV.Agent (file analysis)

Malware Removal

BScope.TrojanFakeAV.Agent is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the BScope.TrojanFakeAV.Agent virus do?

  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional binary language: Romanian
  • Unconventional language used in binary resources: Romanian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempted to write directly to a physical drive
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify BScope.TrojanFakeAV.Agent?

File Info:

name: BBAF2FE52FF21CA7B21D.mlw
path: /opt/CAPEv2/storage/binaries/ee1af18596381db6e211f7d827937685a2082bb1581779402763e28317991aa6
crc32: 1C749088
md5: bbaf2fe52ff21ca7b21d6baac84b8ea9
sha1: 5753e661dca9cbb3f08ebef19828ff2e0ff2b411
sha256: ee1af18596381db6e211f7d827937685a2082bb1581779402763e28317991aa6
sha512: 5c755da4cce2ab7dda0af96655966bdc4d6b6329405960ee382f606ca339af6f2ac06da1aef2b6179c1bdcbdb6ede357b0731497abb8364427e5cb3a3e70f377
ssdeep: 98304:LepUhr1Tps2IvNGzGtHbGYvLB/Nu3bhhh2cf2dMrHw3siiz43Jj7HLFIQ2BsSc8:QK1S2IvN1G8wzhVXQ399p7HLOQisG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B7462201BA91C070F4A25A34D9B6C7BD5A39BD2C4E318A9F6374B93D2E707C16634F26
sha3_384: bccc36cd04a299e12094c90b24420b13fb0124a5a10a80854cac374062f2c9e3923e152d4f4c18f63a0379eafc992df8
ep_bytes: e8b3040000e97afeffff558bec56ff75
timestamp: 2019-10-18 12:16:04

Version Info:

FileVersion: 0, 0, 0, 0
ProductVersion: 0, 0, 0, 0
FileDescription: BDDepSrv Application
InternalName: BDDepSrv
LegalCopyright: Copyright (C) 2012
OriginalFilename: BDDepSrv.exe
ProductName: BDDepSrv Application
CompanyName: Bitdefender
Translation: 0x0418 0x04b0

BScope.TrojanFakeAV.Agent also known as:

Bkav: W32.AIDetectMalware
DrWeb: Trojan.DownLoader29.44531
McAfee: Artemis!BBAF2FE52FF2
Sangfor: Trojan.Win32.Agent.Vaav
Cybereason: malicious.52ff21
Avast: Win32:Malware-gen
Rising: Trojan.Detplock!8.4A0D (CLOUD)
McAfee-GW-Edition: BehavesLike.Win32.BadFile.tc
Antiy-AVL: Trojan/Win32.Wacatac
Microsoft: Trojan:Win32/Zpevdo.A
VBA32: BScope.TrojanFakeAV.Agent
Cylance: unsafe
MaxSecure: Trojan.Malware.74778316.susgen
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove BScope.TrojanFakeAV.Agent?

BScope.TrojanFakeAV.Agent removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
