
Troj/Agent-BGRP information

Malware Removal

Troj/Agent-BGRP is rated as dangerous by many security vendors (see the detection names below). While the infection is active you may notice unfamiliar processes in the Task Manager process list. If so, it is advisable to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial version can run a full scan and clean your PC.
A 6-day free trial is available.

What can the Troj/Agent-BGRP virus do?

The indicators below are CAPE sandbox signature hits for the sample described in the next section. They describe the sample's static and runtime characteristics, not confirmed payload behaviour:

  • The sample contains overlay data (bytes appended after the last PE section)
  • Creates an indicator observed in the Territorial Disputes report (SIG40)
  • Uses Windows utilities for basic functionality
  • The binary likely contains encrypted or compressed data (high-entropy regions)
  • The Authenticode signature is invalid
  • Anomalous binary characteristics
  • YARA rule detections observed on a process memory dump, dropped files, or by CAPE itself

How to identify Troj/Agent-BGRP?

File Info:

name: 0A1AD170431CAA7DD439.mlw
path: /opt/CAPEv2/storage/binaries/b9cacc4785c8ed30dbfb66d4f4be3f7f5e749637f142b4bc816633b43d5ab29c
crc32: 18A46D7A
md5: 0a1ad170431caa7dd4398c1bbca205db
sha1: 53b14c6e5e85edf2bae98fbdf90237172778df79
sha256: b9cacc4785c8ed30dbfb66d4f4be3f7f5e749637f142b4bc816633b43d5ab29c
sha512: f0b2d7762db9445186a5829ca0d95a591b24afe6e5ef577a8320ad2bb653b692aca2895c27da43ccc330964ffbc08bcab0292940b8e4c861ed12b2156e304b9c
ssdeep: 12288:aCfp5fwQb45fwPPh2kkkkK4kXkkkkkkkkl888888888888888888nusMH0QiRLsv:aCfp5fB45foPh2kkkkK4kXkkkkkkkkhs
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T173E45C43EAD3A63BC8AF5A38413B9F17922ACC24EF9180D71E94E971ADB15C834353D5
sha3_384: 849d04ec690f384033ff9716e1c60cdd66307a7b754e6e3e54b63aee8673893fea519e55bd5d07598a3071096ac93305
ep_bytes: 909090609090b80010400090906a0490
timestamp: 1984-04-18 04:22:33

Version Info:

0: [No Data]
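Several of the sandbox indicators above (overlay data, encrypted or compressed data, the signature state) and two of the File Info fields can be reproduced from the raw file with a few dozen lines of standard-library Python. The listed ep_bytes disassemble to nop; nop; nop; pushad; nop; nop; mov eax, 0x401000; nop; nop; push 4; nop, a nop-padded pushad prologue rather than a compiler-generated entry point, and the 1984 timestamp predates the PE format, so both are worth flagging. The triage script below is an added example, not code from the original page or from CAPE: it parses the DOS, COFF, optional and section headers, measures overlay size and per-section Shannon entropy, checks the compile timestamp, and reports whether an Authenticode (security) directory is present at all (it does not validate the signature). The 1993 cut-off, the 7.0 bits/byte entropy threshold, and the `build_sample_pe` input, a constructed minimal PE32 carrying the page's ep_bytes and timestamp, are assumptions of the example, not the real sample.

```python
import hashlib
import math
import struct
from collections import Counter
from datetime import datetime, timezone

# Added example, not code from the original page or from CAPE.
OLDEST_PLAUSIBLE = datetime(1993, 1, 1, tzinfo=timezone.utc)  # assumption: no genuine PE predates this
HIGH_ENTROPY = 7.0                   # assumed bits/byte threshold for packed or encrypted data
OVERLAY = b"CONSTRUCTED-OVERLAY"     # appended data used by the constructed sample below


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; 8.0 is uniform random, plain x86 code is usually 5 to 6.5."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def parse_pe(data: bytes) -> dict:
    """Parse the DOS, COFF and optional headers plus the section table (PE32 or PE32+)."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    _, nsect, timestamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]   # AddressOfEntryPoint, same offset for PE32/PE32+
    # Data directories start at +96 (PE32) or +112 (PE32+); entry 4 is the security
    # (Authenticode) directory, whose VirtualAddress is a file offset, not an RVA.
    sec_dir = opt + (112 if magic == 0x20B else 96) + 4 * 8
    has_authenticode = False
    if sec_dir + 8 <= opt + opt_size:
        has_authenticode = struct.unpack_from("<II", data, sec_dir)[1] > 0
    sections = []
    for i in range(nsect):
        off = opt + opt_size + i * 40
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, va, rawsize, rawptr = struct.unpack_from("<IIII", data, off + 8)
        sections.append({"name": name, "va": va, "vsize": vsize, "raw_ptr": rawptr,
                         "raw_size": rawsize,
                         "entropy": shannon_entropy(data[rawptr:rawptr + rawsize])})
    end = max((s["raw_ptr"] + s["raw_size"] for s in sections), default=0)
    return {"timestamp": timestamp, "ep_rva": ep_rva, "sections": sections,
            "overlay_size": max(0, len(data) - end), "has_authenticode": has_authenticode}


def rva_to_offset(sections, rva):
    """Map an RVA to a file offset through the section table, or None if unmapped."""
    for s in sections:
        if s["va"] <= rva < s["va"] + max(s["vsize"], s["raw_size"]):
            return s["raw_ptr"] + (rva - s["va"])
    return None


def triage(data: bytes) -> dict:
    """Summarise the static indicators a sandbox report would flag for this file."""
    pe = parse_pe(data)
    ts = datetime.fromtimestamp(pe["timestamp"], timezone.utc)
    ep_off = rva_to_offset(pe["sections"], pe["ep_rva"])
    findings = []
    if pe["overlay_size"]:
        findings.append("overlay_present")
    if any(s["entropy"] > HIGH_ENTROPY for s in pe["sections"]):
        findings.append("high_entropy_section")
    if ts < OLDEST_PLAUSIBLE or ts > datetime.now(timezone.utc):
        findings.append("implausible_timestamp")
    if ep_off is None:
        findings.append("entry_point_outside_sections")
    return {"sha256": hashlib.sha256(data).hexdigest(), "timestamp": ts.isoformat(),
            "ep_bytes": data[ep_off:ep_off + 16].hex() if ep_off is not None else None,
            "overlay_size": pe["overlay_size"], "has_authenticode": pe["has_authenticode"],
            "sections": pe["sections"], "findings": findings}


def build_sample_pe() -> bytes:
    """Constructed minimal PE32 (NOT the real sample) reproducing the page's indicators:
    the listed ep_bytes, the 1984 timestamp, one near-uniform section and an overlay."""
    ep_bytes = bytes.fromhex("909090609090b80010400090906a0490")    # ep_bytes from File Info
    text = ep_bytes + bytes(range(256)) + bytes(range(240))             # 512 bytes, near-uniform
    ts = int(datetime(1984, 4, 18, 4, 22, 33, tzinfo=timezone.utc).timestamp())
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x40)                             # e_lfanew
    coff = struct.pack("<HHIIIHH", 0x14C, 1, ts, 0, 0, 224, 0x0102)     # i386, 1 section, PE32 opt hdr
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                               # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                             # AddressOfEntryPoint
    sect = b".text".ljust(8, b"\0") + struct.pack("<IIIIIIHHI", 0x200, 0x1000, 0x200, 0x200,
                                                   0, 0, 0, 0, 0x60000020)
    headers = bytes(dos) + b"PE\0\0" + coff + bytes(opt) + sect
    return headers.ljust(0x200, b"\0") + text + OVERLAY


if __name__ == "__main__":
    for key, value in triage(build_sample_pe()).items():
        if key != "sections":
            print(f"{key}: {value}")
```

Run it against a real file with `triage(open(path, "rb").read())`. Entropy near 8 in a section that should hold code, an overlay of meaningful size, and a timestamp outside the plausible window are each individually weak but together match the "likely contains encrypted or compressed data" and "anomalous binary characteristics" hits above; a present-but-invalid Authenticode directory still needs a real signature verifier.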

Troj/Agent-BGRP is also known as (vendor: detection name). The family-specific names converge on Berbew, which Zillya, ESET-NOD32 and TACHYON call Padodor and Kaspersky, Tencent, NANO-Antivirus, Jiangmin, Antiy-AVL, ZoneAlarm, Yandex, MaxSecure and Fortinet call Qukart; the remaining names are generic, heuristic or machine-learning verdicts:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
MicroWorld-eScan: GenPack:Trojan.GenericKDZ.98113
ClamAV: Win.Trojan.Crypted-29
FireEye: Generic.mg.0a1ad170431caa7d
CAT-QuickHeal: Backdoor.Berbew.A6.MUE
Skyhigh: BehavesLike.Win32.Backdoor.bh
McAfee: Trojan-FVOJ!0A1AD170431C
Cylance: unsafe
Zillya: Trojan.Padodor.Win32.352937
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005780dd1 )
K7GW: Trojan ( 005780dd1 )
Cybereason: malicious.e5e85e
Arcabit: GenPack:Trojan.Generic.D17F41
Baidu: Win32.Trojan-Spy.Quart.a
Symantec: Backdoor.Berbew.F
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Padodor.NAX
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Proxy.Win32.Qukart.vih
BitDefender: GenPack:Trojan.GenericKDZ.98113
NANO-Antivirus: Trojan.Win32.Qukart.kbtgcf
Avast: Win32:TrojanX-gen [Trj]
Tencent: Trojan-Proxy.Win32.Qukart.wb
TACHYON: Backdoor/W32.Padodor
Sophos: Troj/Agent-BGRP
F-Secure: Trojan.TR/Crypt.XDR.Gen
DrWeb: BackDoor.HangUp.43874
VIPRE: GenPack:Trojan.GenericKDZ.98113
Trapmine: malicious.moderate.ml.score
Emsisoft: GenPack:Trojan.GenericKDZ.98113 (B)
Ikarus: Trojan.Crypt
Jiangmin: TrojanProxy.Qukart.nhe
Avira: TR/Crypt.XDR.Gen
Antiy-AVL: Trojan[Proxy]/Win32.Qukart.gen
Kingsoft: malware.kb.a.997
Microsoft: Backdoor:Win32/Berbew.AA!MTB
ZoneAlarm: Trojan-Proxy.Win32.Qukart.vih
GData: Win32.Trojan.PSE.11RRK8R
Varist: W32/Kryptik.JEE.gen!Eldorado
AhnLab-V3: Win-Trojan/Berbew.51712
Acronis: suspicious
BitDefenderTheta: AI:Packer.028646BB21
ALYac: GenPack:Trojan.GenericKDZ.98113
MAX: malware (ai score=81)
VBA32: Backdoor.HangUp
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
Rising: Backdoor.Berbew!1.AE0A (CLASSIC)
Yandex: Trojan.PR.Qukart!eRgqdXuul6k
SentinelOne: Static AI – Malicious PE
MaxSecure: Proxy.Qukart.gen
Fortinet: W32/Qukart.A!tr
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)
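A long vendor list like this is only useful once the generic verdicts ("Generic.Malware", "malicious (high confidence)", "Trj/Genetic.gen") are separated from the family names, and the family names that are aliases of each other are folded together. The script below is an added example, not code from the original page or from any vendor: it tokenises a detection string, drops class words, technology tags, hex identifiers and variant suffixes, and counts how many vendors name each family. The alias map (Padodor and Qukart folded into Berbew) and the two-vendor threshold for a consensus are assumptions of the example; the input is a subset of the labels listed above.

```python
import re
from collections import Counter

# Added example, not code from the original page. Input: a subset of the vendor
# labels listed on this page for the sample, as (vendor, detection name) pairs.
LABELS = [
    ("CAT-QuickHeal", "Backdoor.Berbew.A6.MUE"),
    ("Zillya", "Trojan.Padodor.Win32.352937"),
    ("Symantec", "Backdoor.Berbew.F"),
    ("ESET-NOD32", "a variant of Win32/Padodor.NAX"),
    ("Kaspersky", "Trojan-Proxy.Win32.Qukart.vih"),
    ("Microsoft", "Backdoor:Win32/Berbew.AA!MTB"),
    ("Fortinet", "W32/Qukart.A!tr"),
    ("Jiangmin", "TrojanProxy.Qukart.nhe"),
    ("DrWeb", "BackDoor.HangUp.43874"),
    ("VBA32", "Backdoor.HangUp"),
    ("Sophos", "Troj/Agent-BGRP"),
    ("BitDefender", "GenPack:Trojan.GenericKDZ.98113"),
    ("Avast", "Win32:TrojanX-gen [Trj]"),
    ("Avira", "TR/Crypt.XDR.Gen"),
]

# Assumption: Padodor and Qukart are vendor aliases for the Berbew family.
ALIASES = {"padodor": "berbew", "qukart": "berbew"}

# Tokens that name a malware class, platform or detection technology, not a family.
GENERIC_PREFIXES = ("troj", "backdoor", "generic", "genpack", "malicious", "malware", "win", "w32")
GENERIC_TOKENS = {"variant", "agent", "proxy", "crypt", "unsafe", "suspicious"}


def family_tokens(label: str) -> set:
    """Candidate family names in one vendor label, canonicalised through ALIASES."""
    out = set()
    for tok in re.split(r"[^a-z0-9]+", label.lower()):
        if len(tok) < 4 or not tok.isalpha():       # ids, hashes, variant suffixes such as .vih or !MTB
            continue
        if tok in GENERIC_TOKENS or tok.startswith(GENERIC_PREFIXES):
            continue
        out.add(ALIASES.get(tok, tok))
    return out


def family_votes(labels) -> Counter:
    """Vendors per family; a vendor votes at most once per family because tokens are a set."""
    votes = Counter()
    for _vendor, label in labels:
        for fam in family_tokens(label):
            votes[fam] += 1
    return votes


def consensus_family(labels, min_vendors: int = 2):
    """Most-named family, or None when no family reaches min_vendors (assumed threshold)."""
    votes = family_votes(labels)
    if not votes:
        return None
    fam, n = votes.most_common(1)[0]
    return fam if n >= min_vendors else None


if __name__ == "__main__":
    print(family_votes(LABELS).most_common())
    print("consensus:", consensus_family(LABELS))
```

On the subset above this yields Berbew from eight vendors, HangUp from two and a single-vendor token from Sophos's own name, which is why a minimum vendor count matters: a name used by one engine is a label, not a family attribution. Extend ALIASES as you learn that two names describe the same code; the stoplist is deliberately small so that unfamiliar tokens surface rather than being silently dropped.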

How to remove Troj/Agent-BGRP?

Troj/Agent-BGRP removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and run a "Standard scan".
  • Click "Move to quarantine" for all detected items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the browser and the options to reset, then click "Reset".
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
