Exploit:Win32/Aggressor.0_8 (file analysis)

Exploit:Win32/Aggressor.0_8 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Exploit:Win32/Aggressor.0_8 virus do?

  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Writes a potential ransom message to disk
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Exploit:Win32/Aggressor.0_8?


File Info:

crc32: 0E939894
md5: d944aedd97f2ea772fc0d995bf1fdfc7
name: radiohead.exe
sha1: e2a4e6f6146e3c2f50b6f8c98a066cea65fb347c
sha256: 8b715d783ba29bb6da5864f06a0f9d3987c4d36c54598e905eedc06a48332ec2
sha512: fe5fc35cbcc240a95877c64891c685fccab38a1539492330d1379027f206c08d9e474194f8674ab090a695b328bce6a5272a06362cde74e27a716ec5229d5750
ssdeep: 196608:qKQrFmI74qwGpO+2BjkY3TgLV1c76AhLVWWzqKSCtug206VNlk879S1EydOxql0:qfrFvbwrSf876zWzbug2dthS1EydOQl
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Exploit:Win32/Aggressor.0_8 also known as:

Bkav: W32.FakeWinmediaA.Trojan
FireEye: Backdoor.FriLot.B
CAT-QuickHeal: Trojan.Aggressor
McAfee: Artemis!D944AEDD97F2
Cylance: Unsafe
BitDefender: Backdoor.FriLot.B
K7GW: Unwanted-Program ( 004f33a21 )
K7AntiVirus: Unwanted-Program ( 004f33a21 )
TrendMicro: TROJ_GEN.R002C0DEN19
NANO-Antivirus: Riskware.Win32.TrjGen.dfbdab
F-Prot: W32/HackTool.ACR
Symantec: PUA.Gen.2
ClamAV: Win.Trojan.N-151
GData: Win32.Trojan.Agent.0J23MO
Kaspersky: not-a-virus:NetTool.Win32.NukeNabber.21
Alibaba: Exploit:Win32/Zapchast.755c1080
Rising: Trojan.Mirchack.e (CLASSIC:e4cbbK90B+AQmcPDvPeGaw)
Endgame: malicious (high confidence)
Sophos: NukeNabber (PUA)
Comodo: Application.Win32.mIRC.~C@zrb46
F-Secure: Trojan.TR/Nuker.Nukenabber.A.1
DrWeb: IRC.Virus
McAfee-GW-Edition: Generic PUP.h
Emsisoft: Backdoor.FriLot.B (B)
Cyren: W32/Tool.PXZU-1888
Jiangmin: Backdoor/mIRC-based.g
MaxSecure: Trojan.Malware.16862.susgen
Avira: TR/Nuker.Nukenabber.A.1
MAX: malware (ai score=100)
Microsoft: Exploit:Win32/Aggressor.0_8
Arcabit: Backdoor.FriLot.B
ZoneAlarm: not-a-virus:NetTool.Win32.NukeNabber.21
VBA32: Exploit.Aggressor
Malwarebytes: HackTool.SnadBoy
ESET-NOD32: Win32/NetTool.NukeNabber.21 potentially unsafe
TrendMicro-HouseCall: TROJ_GEN.R002C0DEN19
Yandex: HackTool.NukeNabber!QGSy5xTvuJo
Ikarus: not-a-virus:NetTool.Win32.NukeNabber
eGambit: Unsafe.AI_Score_61%
Fortinet: Riskware/Nukenabber
AVG: Win32:Frilot [Trj]
Cybereason: malicious.d97f2e
Avast: Win32:Frilot [Trj]
Qihoo-360: Win32/Virus.NetTool.b3b

How to remove Exploit:Win32/Aggressor.0_8?

Exploit:Win32/Aggressor.0_8 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.