Trojan.Agent.BDXS information

Trojan.Agent.BDXS is flagged as malicious by most antivirus vendors (see the detection names listed further down). When this infection is active, you may notice unfamiliar processes in the Task Manager. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It can fully scan and clean your PC during the trial period.
6-day free trial available.

What can Trojan.Agent.BDXS do?

The behaviours below are the CAPE sandbox signatures that fired when the sample described in the File Info section was executed:

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Polish
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Anomalous binary characteristics

How to identify Trojan.Agent.BDXS?

File Info:

name: 8C7ECBA01716E09E2D96.mlw
path: /opt/CAPEv2/storage/binaries/5b57094dff48b0fe9d7007ad14219635d02f6d548a1d0aa03a74544c1604872f
crc32: 6D0967CA
md5: 8c7ecba01716e09e2d9651e940e30a36
sha1: af3bcd4fffde423e413543e2f2921b505d952089
sha256: 5b57094dff48b0fe9d7007ad14219635d02f6d548a1d0aa03a74544c1604872f
sha512: eeca62776001af1c6b85743c858eb1fbf29357a045a7f09dd30c2d6329c8e73089da618ea7ba3a06ee78b5cdd5c668cf34ae1923a4dd570f36ed85e6d0796427
ssdeep: 192:hlu0XqTM6kev8rEZDdtSX0ba3J3kxe/eRrVScDPmP1oyn1ZTUCzbQS:h40XqweiEBdswGkxeGBE1VTUCx
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17A92C4E7E96C6CF1E6AA003D20F7908761132A98671C80CB578E72E409F57D9E2FCD51
sha3_384: 401499d81d704f5390a9fcd345b000e8442ac2eeda0d569e86ab84747aae2638071fe0222dbe5ae1f36642d5d8bfab70
ep_bytes: 558bec6aff683041400068601d400064
timestamp: 2012-05-24 07:26:51
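
As an added example (not GridinSoft's or CAPE's own code), the following Python script recomputes the fields of the File Info table for a local file: the digest set, the CRC32, and the two values taken from the PE header, the compile timestamp (the COFF TimeDateStamp, which the linker writes and an attacker can set to anything, so it is a hint rather than evidence) and the first 16 entry-point bytes. Note that the listed entry bytes (push ebp; mov ebp, esp; push -1; push imm32; push imm32; mov eax, fs:[0]) are the standard MSVC SEH-setup startup stub, so they match a great many benign binaries and should not be used as an indicator on their own. The `build_demo_pe` helper constructs a minimal PE32 image so the script runs offline; it is not the Trojan.Agent.BDXS sample, and only its embedded timestamp and entry bytes are copied from the table. Fuzzy hashes (ssdeep, TLSH) need third-party libraries and are left out.

```python
"""Recompute File Info indicators for a local PE file (added example).

Not GridinSoft's or CAPE's code. Standard library only; ssdeep/TLSH are
omitted because they need third-party packages.
"""
import hashlib
import struct
import sys
import zlib
from datetime import datetime, timezone

# Values copied from the File Info table above, used to compare against a file.
# ep_bytes is the generic MSVC startup stub: on its own it is NOT a useful indicator.
EXPECTED = {
    "crc32": "6D0967CA",
    "md5": "8c7ecba01716e09e2d9651e940e30a36",
    "sha1": "af3bcd4fffde423e413543e2f2921b505d952089",
    "sha256": "5b57094dff48b0fe9d7007ad14219635d02f6d548a1d0aa03a74544c1604872f",
    "ep_bytes": "558bec6aff683041400068601d400064",
    "timestamp": "2012-05-24 07:26:51",
}


def file_hashes(data: bytes) -> dict:
    """Same digest set the table lists, hex-encoded the way the table shows them."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def pe_summary(data: bytes) -> dict:
    """Parse DOS/COFF/optional/section headers; return type, timestamp and entry bytes."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsect, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    entry_rva = struct.unpack_from("<I", data, opt + 16)[0]   # AddressOfEntryPoint
    # Walk the section table to map the entry-point RVA to a file offset.
    sections = opt + opt_size
    ep_off = None
    for i in range(nsect):
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, sections + 40 * i + 8)
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):
            ep_off = rawptr + (entry_rva - vaddr)
            break
    if ep_off is None:
        raise ValueError("entry point RVA outside every section")
    return {
        "type": "PE32" if magic == 0x10B else "PE32+" if magic == 0x20B else f"magic={magic:#x}",
        "intel_80386": machine == 0x14C,
        # TimeDateStamp is linker-written and trivially forged; treat it as a hint only.
        "timestamp": datetime.fromtimestamp(ts, tz=timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "ep_bytes": data[ep_off:ep_off + 16].hex(),
    }


def compare(data: bytes, expected: dict = EXPECTED) -> dict:
    """Map each expected indicator name to True/False for the given file bytes."""
    observed = {**file_hashes(data), **pe_summary(data)}
    return {k: observed.get(k) == v for k, v in expected.items()}


def build_demo_pe() -> bytes:
    """Constructed minimal PE32 with one .text section; NOT the real sample.

    Only the timestamp and entry bytes are taken from the table above.
    """
    ts = 1337844411  # 2012-05-24 07:26:51 UTC
    code = bytes.fromhex(EXPECTED["ep_bytes"]) + b"\xc3"
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)        # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, ts, 0, 0, 0xE0, 0x102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                     # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                   # AddressOfEntryPoint
    struct.pack_into("<I", opt, 28, 0x400000)                 # ImageBase
    sect = b".text\0\0\0" + struct.pack("<IIII", len(code), 0x1000, 0x200, 0x200) + b"\0" * 16
    header = (dos + b"PE\0\0" + coff + bytes(opt) + sect).ljust(0x200, b"\0")
    return header + code.ljust(0x200, b"\0")


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_demo_pe()
    for k, v in {**file_hashes(blob), **pe_summary(blob)}.items():
        print(f"{k}: {v}")
    print("matches:", compare(blob))
```

Run it as `python3 fileinfo.py suspect.exe` to print the recomputed fields and a per-indicator match map; without an argument it runs on the constructed demo image, for which only `ep_bytes` and `timestamp` match, which is exactly why a cryptographic hash match, not the header fields, is what confirms you hold this sample.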

Version Info:

0: [No Data]

Trojan.Agent.BDXS also known as (vendor: detection name; most of the family-specific names classify the sample as an Upatre downloader, while several vendors tag it as Zbot or Androm instead):

Bkav: W32.FamVT.GeND.Trojan
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Agent.BDXS
FireEye: Generic.mg.8c7ecba01716e09e
CAT-QuickHeal: TrojanDownloader.Upatre.AM4
McAfee: Downloader-FSH!8C7ECBA01716
Cylance: Unsafe
VIPRE: Trojan-Downloader.Win32.Upatre.ab (v)
K7AntiVirus: Trojan-Downloader ( 0049c7b11 )
BitDefender: Trojan.Agent.BDXS
K7GW: Trojan-Downloader ( 0049c7b11 )
Cybereason: malicious.01716e
BitDefenderTheta: Gen:NN.ZexaF.34182.bqX@aq2NhlkG
VirIT: Trojan.Win32.Generic.VSG
Cyren: W32/Trojan.DUOZ-8276
Symantec: Downloader.Upatre!gen5
ESET-NOD32: Win32/TrojanDownloader.Tiny.NKP
Baidu: Win32.Trojan-Downloader.Waski.a
TrendMicro-HouseCall: TROJ_UPATRE.SM01
ClamAV: Win.Trojan.Agent-1138898
Kaspersky: Backdoor.Win32.Androm.cyl
NANO-Antivirus: Trojan.Win32.DownLoad3.dcdgbc
ViRobot: Trojan.Win32.Upatre.20480.B
APEX: Malicious
Rising: Trojan.DL.Win32.Upatre.aep (RDMK:cmRtazobNwVM0pNy50xZTwUFk2RE)
Emsisoft: Trojan.Agent.BDXS (B)
Comodo: Backdoor.Win32.Androm.EQ@5e59a9
DrWeb: Trojan.DownLoad3.33842
Zillya: Trojan.Zbot.Win32.160403
TrendMicro: TROJ_UPATRE.SM01
McAfee-GW-Edition: Downloader-FSH!8C7ECBA01716
Sophos: ML/PE-A + Troj/Zbot-IPX
Ikarus: Trojan-Downloader.Win32.Tiny
Jiangmin: Trojan.Win32.SelfDel.d
Avira: TR/Spy.Zbot.cehr.1
MAX: malware (ai score=84)
Antiy-AVL: Trojan/Generic.ASMalwS.AE78F6
Microsoft: TrojanDownloader:Win32/Upatre
SUPERAntiSpyware: Trojan.Agent/Gen-Zbot
ZoneAlarm: Backdoor.Win32.Androm.cyl
GData: Trojan.Agent.BDXS
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/Agent.20678
VBA32: Trojan.SelfDel
ALYac: Trojan.Agent.BDXS
Malwarebytes: Trojan.Downloader
Panda: Trj/Downloader.WKY
Tencent: Trojan-Downloader.Win32.Waski.16000151
Yandex: Trojan.DL.Tiny!M47uTcnS9P4
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Upatre.Gen
Fortinet: W32/Waski.A!tr
AVG: Win32:Agent-AUID [Trj]
Avast: Win32:Agent-AUID [Trj]
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Trojan.Agent.BDXS?

Trojan.Agent.BDXS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
