About “Downloader.Bagoox.8099” infection

The Downloader.Bagoox.8099 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Downloader.Bagoox.8099 virus can do?

Unconventionial binary language: Chinese (Simplified)
Unconventionial language used in binary resources: Chinese (Simplified)
Authenticode signature is invalid

How to determine Downloader.Bagoox.8099?


File Info:
name: E548A37623FB0FC73828.mlw
path: /opt/CAPEv2/storage/binaries/54ce7259bf449e0916e664ed063593dd68b34ab473af48319e107e147c10dda8
crc32: B3E92F14
md5: e548a37623fb0fc738288baf8df4010a
sha1: 33e3a501f953be0df0c491e3e645531cd8e2e860
sha256: 54ce7259bf449e0916e664ed063593dd68b34ab473af48319e107e147c10dda8
sha512: 5af3676e281d078eccf4f3944abea5e1cb015c171c9a1fdbb2bd6f4d0c147949409cbfe8f79c918b5ee6dfe13385ab4ffeeb79406145886296cd64d926a5a396
ssdeep: 12288:UduIhkIYDl7k3cW4brGdSjyCJR4xrREUfyxO2JKV48uVQFYuVQx:UkIaIcCPSuCv4RREpxO2JMcVwVU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CA359D23B252C8B2D6041A7055BB4779FE34AF561D34CF83E3B0FE39AC726919927219
sha3_384: a0110f03597108105aa176a9d71a6acc47b769345ccad5dd5b07a6a129a17b53915c4faa03fcac1054c6a71394a131e9
ep_bytes: 558bec6aff68288f4d006874bc480064
timestamp: 2012-04-25 13:35:38

Version Info:
FileVersion: 1.0.0.0
FileDescription: 私人专用，请勿外传！
ProductName: IS挂号刷屏
ProductVersion: 1.0.0.0
CompanyName: 去年今夜的风
LegalCopyright: QQ:2644000
Comments: 去年今夜的风QQ:2644000
Translation: 0x0804 0x04b0

Downloader.Bagoox.8099 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Multi.Generic.lx0k
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.69356005
CAT-QuickHeal	Downloader.Bagoox.8099
Skyhigh	BehavesLike.Win32.Generic.th
McAfee	Artemis!E548A37623FB
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Trojan.Win32.Agent.V143
K7AntiVirus	Adware ( 0050718d1 )
BitDefender	Trojan.GenericKD.69356005
K7GW	Adware ( 0050718d1 )
Cybereason	malicious.1f953b
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX	Malicious
Rising	Trojan.Generic@AI.99 (RDML:64rGTf5HqX9v/IzOsmT3+g)
Sophos	Generic Reputation PUA (PUA)
F-Secure	Trojan:W32/DelfInject.R
VIPRE	Trojan.GenericKD.69356005
Trapmine	suspicious.low.ml.score
FireEye	Generic.mg.e548a37623fb0fc7
Emsisoft	Trojan.GenericKD.69356005 (B)
Ikarus	Trojan.Rootkit.Gen2
Google	Detected
Varist	W32/Trojan.CLL.gen!Eldorado
Antiy-AVL	Trojan/Win32.FlyStudio.a
Kingsoft	malware.kb.a.997
Microsoft	Trojan:Win32/Emotet!ml
Xcitium	TrojWare.Win32.Agent.OSCF@5rs7jr
Arcabit	Trojan.Generic.D42249E5
GData	Win32.Trojan.PSE.18X8GXE
Cynet	Malicious (score: 100)
BitDefenderTheta	Gen:NN.ZexaF.36792.er0@a4s2Hdpb
ALYac	Trojan.GenericKD.69356005
MAX	malware (ai score=86)
DeepInstinct	MALICIOUS
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H0CIQ23
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	PossibleThreat.ZDS
AVG	Win32:TrojanX-gen [Trj]
Avast	Win32:TrojanX-gen [Trj]
CrowdStrike	win/malicious_confidence_60% (W)

How to remove Downloader.Bagoox.8099?

Downloader.Bagoox.8099 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X