Dropped:Trojan.AgentWDCR.ERJ (B) (file analysis)

Dropped:Trojan.AgentWDCR.ERJ (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Dropped:Trojan.AgentWDCR.ERJ (B) virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • CAPE detected the FloodFix malware family
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Dropped:Trojan.AgentWDCR.ERJ (B)?


File Info:

name: 9EF37B764B633CBBD694.mlw
path: /opt/CAPEv2/storage/binaries/bb607269e9a219423ad2c7106a529c8ce5ac2976fb4f79c292378aaf01ea9582
crc32: 141771F4
md5: 9ef37b764b633cbbd694be6b2ca85cc8
sha1: 1bab0d654a85aa77174a18bd9fa559f441452ca8
sha256: bb607269e9a219423ad2c7106a529c8ce5ac2976fb4f79c292378aaf01ea9582
sha512: 0b16294c25e877e8c120a45e44a348698d3fbab61e130a3f8da2c8ac3c488e7291acfd4e79e5d8602d7b415dac7df387b9b5ce68e71f0da1305a594bf75d1ea9
ssdeep: 98304:KxcWZqtwwnjdCST1rNaC2Ua2hVl0wzFtbWQIhFKuUOMsA:e8nlt2r29zpWQIhFsVsA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1523633012900D3E9D524127165BF8F572CF8EC7D989CC29BB3827F6586BCD4359AE38A
sha3_384: 42d31d448561c85a30a0221b87c7bf6f4c2f6c2ab1d325c37a745ead7b4c8ba21b4ccbe4ea86c8478f2cbae5cfbf32d7
ep_bytes: e841deffffc33c608bec83c52454e855
timestamp: 2019-12-16 00:50:53

Version Info:

CompanyName: Power Software Ltd
FileDescription: PowerISO Setup
FileVersion: 8.7.0.0
LegalCopyright: Copyright(c) 2004-2023
ProductName: PowerISO Setup
ProductVersion: 8.7.0.0
Translation: 0x0409 0x04e4

Dropped:Trojan.AgentWDCR.ERJ (B) also known as:

Bkav: W32.AIDetectMalware
Cynet: Malicious (score: 99)
FireEye: Generic.mg.9ef37b764b633cbb
Cylance: unsafe
VIPRE: Dropped:Trojan.AgentWDCR.ERJ
Sangfor: Virus.Win32.Save.Floxif
Cybereason: malicious.54a85a
Symantec: Trojan.Gen.6
Elastic: Windows.Virus.Floxif
ESET-NOD32: Win32/Floxif.H
ClamAV: Win.Virus.Pioneer-9111434-0
Kaspersky: Virus.Win32.Pioneer.cz
BitDefender: Dropped:Trojan.AgentWDCR.ERJ
NANO-Antivirus: Virus.Win32.Pioneer.bvrqhu
MicroWorld-eScan: Dropped:Trojan.AgentWDCR.ERJ
Avast: Win32:Pioneer-C
Sophos: W32/Floxif-G
F-Secure: Malware.W32/Floxif.iici
DrWeb: Win32.FloodFix.7
Emsisoft: Dropped:Trojan.AgentWDCR.ERJ (B)
Ikarus: Virus.Win32.Floxif.A
Jiangmin: Trojan.Generic.eeffo
Google: Detected
Avira: W32/Floxif.iici
Antiy-AVL: Virus/Win32.Floxif
Microsoft: Virus:Win32/Floxif.H
Xcitium: Virus.Win32.Floxif.A@7h5wha
Arcabit: Trojan.AgentWDCR.ERJ
ZoneAlarm: Virus.Win32.Pioneer.cz
GData: Win32.Virus.Floxif.A
Varist: W32/Floxif.B
ALYac: Dropped:Trojan.AgentWDCR.ERJ
MAX: malware (ai score=88)
VBA32: Virus.Win32.Floxif.h
Malwarebytes: Generic.Malware.AI.DDS
Panda: Generic Suspicious
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/Floxif.E
AVG: Win32:Pioneer-C
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Dropped:Trojan.AgentWDCR.ERJ (B)?

Dropped:Trojan.AgentWDCR.ERJ (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
