Downloader.Exent (file analysis)

Downloader.Exent is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Downloader.Exent virus do?

  • Unconventional language used in binary resources: Hebrew
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Downloader.Exent?

File Info:

name: 6A39A3BE5F2918A1BC6F.mlw
path: /opt/CAPEv2/storage/binaries/395746e79ec315fd2cdd8a7fdce5d63fdaee06c735a8ccab232db12755b469dc
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-02-13 16:16:58

Version Info:

Comments: SV12
CompanyName: Exent Technologies Ltd.
FileDescription: FreeRide Games
FileVersion: 1, 0, 1, 21
InternalName: FreeRide Games
LegalCopyright: Copyright © 1996-2020 Exent Technologies Ltd. All rights reserved.
LegalTrademarks:
OriginalFilename: FreeRide Games.EXE
PrivateBuild:
ProductName: FreeRide Games
ProductVersion: 1, 0, 1, 21
SpecialBuild:
Translation: 0x0409 0x04b0

Downloader.Exent is also known as:

MicroWorld-eScan: Trojan.GenericKDZ.88989
ALYac: Trojan.GenericKDZ.88989
Cylance: Unsafe
VIPRE: Trojan.GenericKDZ.88989
Sangfor: [ARMADILLO V1.71]
Cybereason: malicious.e5f291
Cyren: W32/GameVance.AV.gen!Eldorado
Elastic: malicious (moderate confidence)
BitDefender: Trojan.GenericKDZ.88989
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKDZ.88989
Emsisoft: Trojan.GenericKDZ.88989 (B)
FireEye: Generic.mg.6a39a3be5f2918a1
GData: Win32.Application.Exent.B
Avira: HEUR/AGEN.1234502
MAX: malware (ai score=88)
Antiy-AVL: Trojan/Generic.ASMalwS.6C82
Arcabit: Trojan.Generic.D15B9D
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win.Generic.R462983
McAfee: GenericRXAA-AA!6A39A3BE5F29
VBA32: Downloader.Exent
Malwarebytes: Malware.AI.4075099763
APEX: Malicious
MaxSecure: Trojan.Malware.100945944.susgen
Fortinet: W32/ULPM.16C0!tr
AVG: Win32:Malware-gen

How to remove Downloader.Exent?

Downloader.Exent removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
