How to remove “Trojan.Agent.AXQM”?

Trojan.Agent.AXQM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.AXQM virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Spanish (El Salvador)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)

How to identify Trojan.Agent.AXQM?


File Info:

name: 600EB3239A24FD029EF1.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-10-25 19:19:42

Version Info:

Comments: emu8086 - microprocessor emulator
CompanyName: www.emu8086.com
FileDescription: emu8086
LegalCopyright: Copyright (c) 2008 emu8086.com All Rights Reserved
LegalTrademarks: emu8086.com
ProductName: 8086 Microprocessor Emulator
FileVersion: 6.00.0009
ProductVersion: 6.00.0009
InternalName: emu8086
OriginalFilename: emu8086.exe
Translation: 0x0409 0x04b0

Trojan.Agent.AXQM also known as:

Lionic: Trojan.Win32.Zbot.l!c
tehtris: Generic.Malware
DrWeb: Trojan.PWS.Panda.3035
MicroWorld-eScan: Trojan.Agent.AXQM
FireEye: Generic.mg.600eb3239a24fd02
McAfee: Ransom-AAY.gen.l
Cylance: Unsafe
Zillya: Trojan.Zbot.Win32.82967
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0040f1d41 )
K7GW: Trojan ( 0040f1d41 )
Cybereason: malicious.39a24f
Arcabit: Trojan.Agent.AXQM
BitDefenderTheta: Gen:NN.ZexaF.34592.nG1@a0!adxbO
Cyren: W32/PWS.XEOH-1259
Symantec: Trojan.Ransomlock!g21
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Spy.Zbot.AAO
APEX: Malicious
TrendMicro-HouseCall: TROJ_RANSOM.SMWX
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Agent.AXQM
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
SUPERAntiSpyware: Trojan.Agent/Gen-Zbot
Avast: Win32:Cryptor
Tencent: Win32.Trojan-spy.Zbot.Wjsg
Ad-Aware: Trojan.Agent.AXQM
Emsisoft: Trojan.Agent.AXQM (B)
Comodo: TrojWare.Win32.PWS.ZBot.AAA@4sq88d
F-Secure: Trojan.TR/Spy.Zbot.8897556
VIPRE: Trojan.Agent.AXQM
TrendMicro: TROJ_RANSOM.SMWX
McAfee-GW-Edition: BehavesLike.Win32.Emotet.dc
Trapmine: malicious.moderate.ml.score
Sophos: ML/PE-A + Mal/EncPk-AHQ
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanSpy.Zbot.ciam
Google: Detected
Avira: TR/Spy.Zbot.8897556
MAX: malware (ai score=87)
Antiy-AVL: Trojan[Spy]/Win32.Zbot
Microsoft: PWS:Win32/Zbot!CI
GData: Trojan.Agent.AXQM
Cynet: Malicious (score: 100)
AhnLab-V3: Spyware/Win32.Zbot.R41664
Acronis: suspicious
VBA32: BScope.Malware-Cryptor.Oop
ALYac: Trojan.Agent.AXQM
TACHYON: Trojan-Spy/W32.ZBot.217088.AP
Rising: Trojan.Generic@AI.83 (RDML:moPvzP1Tuwty3n9OPC8RgQ)
Yandex: Trojan.GenAsa!5nyqvr1KyPU
Ikarus: Trojan.Win32.Tobfy
Fortinet: W32/RANSOM.AAY!tr
AVG: Win32:Cryptor
Panda: Trj/Zbot.M
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Agent.AXQM?

Trojan.Agent.AXQM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
