Downloader.Win32.Agent.mjbf removal

Downloader.Win32.Agent.mjbf is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Downloader.Win32.Agent.mjbf virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Queries information on disks, possibly for anti-virtualization
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz
query.kuai8box.com
icon.kuai8box.com

How to identify Downloader.Win32.Agent.mjbf?


File Info:

name: ____________3_c200050_s14g16467.exe
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

LegalCopyright: 版权所有 (C)2013 奇炫欢享
FileVersion: 9.0.1.8134
CompanyName: 奇炫欢享
SpecialBuild: 100102
Comments: 快吧游戏 v9.0
ProductName: 快吧游戏
ProductVersion: 9.0.1.8134
FileDescription: 快吧游戏
Translation: 0x0804 0x03a8

Downloader.Win32.Agent.mjbf also known as:

CAT-QuickHeal: Trojan.Kuaiba
McAfee: Artemis!B796FDF611C8
Cylance: Unsafe
K7AntiVirus: Adware ( 005627ab1 )
K7GW: Adware ( 005627ab1 )
Invincea: heuristic
Symantec: ML.Attribute.HighConfidence
Paloalto: generic.ml
GData: Win32.Application.Agent.A8JNBO
Kaspersky: not-a-virus:Downloader.Win32.Agent.mjbf
Alibaba: Downloader:Win32/Kuaiba.421c0171
NANO-Antivirus: Trojan.Win32.Kuaiba.hnftht
Avast: Win32:Adware-gen [Adw]
Rising: PUF.Kuaiba!8.F612 (TFE:5:AdZpk4Pbip)
Comodo: ApplicUnwnt@#3cfgmr8yojz2m
F-Secure: Adware.ADWARE/Kuaiba.tfcgn
Zillya: Adware.Kuaiba.Win32.611
TrendMicro: TROJ_GEN.R03BC0WF920
Cyren: W32/Trojan.XXDB-7849
Avira: object
Endgame: malicious (high confidence)
ZoneAlarm: not-a-virus:Downloader.Win32.Agent.mjbf
Microsoft: PUA:Win32/Kuaiba
VBA32: BScope.TrojanDownloader.Banload
Malwarebytes: Adware.Kuaiba
ESET-NOD32: a variant of Win32/Adware.Kuaiba.L
TrendMicro-HouseCall: TROJ_GEN.R002H0CG620
Yandex: PUA.Kuaiba!
Fortinet: Riskware/Generic_PUA_AG
AVG: Win32:Adware-gen [Adw]
Panda: PUP/Adware

How to remove Downloader.Win32.Agent.mjbf?

Downloader.Win32.Agent.mjbf removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
