About “Exploit.Win32.Agent” infection

Exploit.Win32.Agent is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Exploit.Win32.Agent virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Authenticode signature is invalid

How to identify Exploit.Win32.Agent?

File Info:

name: FB36632B3777F1381D84.mlw
path: /opt/CAPEv2/storage/binaries/008d875ab089b45bc791f7e199f512b630d80dd75340781485bbedcc91d1b6c2
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2022-09-06 11:05:39

Version Info:

0: [No Data]

Exploit.Win32.Agent also known as:

Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Trojan.GenericKDZ.91635
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HQRH
Kaspersky: HEUR:Exploit.Win32.Agent.gen
BitDefender: Trojan.GenericKDZ.91635
MicroWorld-eScan: Trojan.GenericKDZ.91635
Ad-Aware: Trojan.GenericKDZ.91635
Emsisoft: Trojan.GenericKDZ.91635 (B)
DrWeb: Trojan.Inject4.41889
MAX: malware (ai score=85)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Trojan.GenericKDZ.91635
VBA32: BScope.Malware-Cryptor.MTA
Malwarebytes: Malware.AI.4041449132
Avast: Win32:ExploitX-gen [Expl]
Rising: Exploit.Agent!8.1B (TFE:5:WvpWC3mSreC)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:ExploitX-gen [Expl]

How to remove Exploit.Win32.Agent?

Exploit.Win32.Agent removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
