What is “Trojan.Agent.BCLT”?

Trojan.Agent.BCLT is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.BCLT virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Trojan.Agent.BCLT?


File Info:

name: E97E77412F156EFB68EB.mlw
path: /opt/CAPEv2/storage/binaries/e95eb4a0d9f71bceef3d4163d6d53a4f720928d9c5d2bd50e6ae341eb5da8883
crc32: 139CDE48
md5: e97e77412f156efb68eb271be16976c0
sha1: 8a7279647252d25d59b94a0d65c614d60137d2db
sha256: e95eb4a0d9f71bceef3d4163d6d53a4f720928d9c5d2bd50e6ae341eb5da8883
sha512: 816278f323896b67111736310ed19815343d468fc2a52397a2eebfde1e9878782c971b5898e5b6a1e579eed9dbdad09874c3946b28aaaece7b21285e9b0586d4
ssdeep: 12288:xCw/vdSr8kzy5RzmqSfe8pGUeJVVW5JODD:Pc1qSRDg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16894021031D2C837D00282BE4955C33465A73DAA55669DCF2BC1A9E86F3E3D6FBB920D
sha3_384: c3717a07402c45bfec5f8c7aed805009ffe48f99d41e2195279f66bd439596602b04208b441d7528e0e5ae38532cdf76
ep_bytes: e8e0190000e916feffff558bec83ec04
timestamp: 2014-04-01 20:15:36

Version Info:

0: [No Data]

Trojan.Agent.BCLT also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Necurs.b!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.e97e77412f156efb
CAT-QuickHeal: Worm.Gamarue.I5
McAfee: PWSZbot-FWS!E97E77412F15
Cylance: Unsafe
VIPRE: Trojan.Win32.Zbot.aaum (v)
Sangfor: Trojan.Win32.AGEN.1016163
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDropper:Win32/Necurs.80aaa637
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
VirIT: Trojan.Win32.Zbot.GTB
Cyren: W32/Trojan.LYJC-8117
Symantec: Trojan.Zbot
ESET-NOD32: Win32/Spy.Zbot.AAU
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Malware.Zbot-9858809-0
Kaspersky: Trojan-Dropper.Win32.Necurs.tyn
BitDefender: Trojan.Agent.BCLT
NANO-Antivirus: Trojan.Win32.Necurs.cwhsfl
MicroWorld-eScan: Trojan.Agent.BCLT
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.114c3955
Ad-Aware: Trojan.Agent.BCLT
Emsisoft: Trojan.Agent.BCLT (B)
Comodo: Malware@#hvrvvaq4eqq2
DrWeb: Trojan.PWS.Panda.5676
Zillya: Dropper.Necurs.Win32.2860
TrendMicro: TROJ_GEN.R034E01BD15
McAfee-GW-Edition: BehavesLike.Win32.Upatre.gc
Sophos: ML/PE-A + Mal/Zbot-PK
Ikarus: Trojan-PWS.Win32.Zbot
GData: Trojan.Agent.BCLT
Jiangmin: TrojanDropper.Necurs.bol
Avira: HEUR/AGEN.1241622
Antiy-AVL: Trojan[Dropper]/Win32.Necurs
Kingsoft: Win32.Troj.Necurs.t.(kcloud)
Arcabit: Trojan.Agent.BCLT
SUPERAntiSpyware: Trojan.Agent/Gen-Zbot
ZoneAlarm: Trojan-Dropper.Win32.Necurs.tyn
Microsoft: PWS:Win32/Zbot
TACHYON: Trojan-Dropper/W32.Necurs.444416
AhnLab-V3: Trojan/Win32.Zbot.R103274
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34212.BqW@amHHgYji
ALYac: Trojan.Agent.BCLT
MAX: malware (ai score=100)
VBA32: TrojanDropper.Necurs
Malwarebytes: Spyware.ZeuS
TrendMicro-HouseCall: TROJ_GEN.R034E01BD15
Rising: Trojan.Spy.Win32.Zbot.hjr (CLOUD)
Yandex: Trojan.DR.Necurs!qdbg3xqkvyM
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Tiny.NKL!tr.dldr
AVG: Win32:Malware-gen
Panda: Generic Malware

How to remove Trojan.Agent.BCLT?

Trojan.Agent.BCLT removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
