Categories: Malware

Exploit:Win32/Aggressor.0_8 (file analysis)

The Exploit:Win32/Aggressor.0_8 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Exploit:Win32/Aggressor.0_8 virus can do?

Reads data out of its own binary image
The binary likely contains encrypted or compressed data.
Installs itself for autorun at Windows startup
Exhibits possible ransomware file modification behavior
Writes a potential ransom message to disk
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Exploit:Win32/Aggressor.0_8?


File Info:
crc32: 0E939894md5: d944aedd97f2ea772fc0d995bf1fdfc7name: radiohead.exesha1: e2a4e6f6146e3c2f50b6f8c98a066cea65fb347csha256: 8b715d783ba29bb6da5864f06a0f9d3987c4d36c54598e905eedc06a48332ec2sha512: fe5fc35cbcc240a95877c64891c685fccab38a1539492330d1379027f206c08d9e474194f8674ab090a695b328bce6a5272a06362cde74e27a716ec5229d5750ssdeep: 196608:qKQrFmI74qwGpO+2BjkY3TgLV1c76AhLVWWzqKSCtug206VNlk879S1EydOxql0:qfrFvbwrSf876zWzbug2dthS1EydOQltype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
0: [No Data]

Exploit:Win32/Aggressor.0_8 also known as:

Bkav	W32.FakeWinmediaA.Trojan
FireEye	Backdoor.FriLot.B
CAT-QuickHeal	Trojan.Aggressor
McAfee	Artemis!D944AEDD97F2
Cylance	Unsafe
BitDefender	Backdoor.FriLot.B
K7GW	Unwanted-Program ( 004f33a21 )
K7AntiVirus	Unwanted-Program ( 004f33a21 )
TrendMicro	TROJ_GEN.R002C0DEN19
NANO-Antivirus	Riskware.Win32.TrjGen.dfbdab
F-Prot	W32/HackTool.ACR
Symantec	PUA.Gen.2
ClamAV	Win.Trojan.N-151
GData	Win32.Trojan.Agent.0J23MO
Kaspersky	not-a-virus:NetTool.Win32.NukeNabber.21
Alibaba	Exploit:Win32/Zapchast.755c1080
Rising	Trojan.Mirchack.e (CLASSIC:e4cbbK90B+AQmcPDvPeGaw)
Endgame	malicious (high confidence)
Sophos	NukeNabber (PUA)
Comodo	Application.Win32.mIRC.~C@zrb46
F-Secure	Trojan.TR/Nuker.Nukenabber.A.1
DrWeb	IRC.Virus
McAfee-GW-Edition	Generic PUP.h
Emsisoft	Backdoor.FriLot.B (B)
Cyren	W32/Tool.PXZU-1888
Jiangmin	Backdoor/mIRC-based.g
MaxSecure	Trojan.Malware.16862.susgen
Avira	TR/Nuker.Nukenabber.A.1
MAX	malware (ai score=100)
Microsoft	Exploit:Win32/Aggressor.0_8
Arcabit	Backdoor.FriLot.B
ZoneAlarm	not-a-virus:NetTool.Win32.NukeNabber.21
VBA32	Exploit.Aggressor
Malwarebytes	HackTool.SnadBoy
ESET-NOD32	Win32/NetTool.NukeNabber.21 potentially unsafe
TrendMicro-HouseCall	TROJ_GEN.R002C0DEN19
Yandex	HackTool.NukeNabber!QGSy5xTvuJo
Ikarus	not-a-virus:NetTool.Win32.NukeNabber
eGambit	Unsafe.AI_Score_61%
Fortinet	Riskware/Nukenabber
AVG	Win32:Frilot [Trj]
Cybereason	malicious.d97f2e
Avast	Win32:Frilot [Trj]
Qihoo-360	Win32/Virus.NetTool.b3b