Trojan

Trojan.Agent.BGDS malicious file

Malware Removal

The Trojan.Agent.BGDS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Trojan.Agent.BGDS virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Arabic
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Trojan.Agent.BGDS?


File Info:

name: 38AA482BC9AF843A1CCD.mlw
path: /opt/CAPEv2/storage/binaries/dce266420bdfbea80114fdca23c8ca22c2cdb4030d7e62ea878590f330c8915a
crc32: 2DBBE841
md5: 38aa482bc9af843a1ccd1053d747626b
sha1: 0a504c6ea21e27cae2caee0654e52d0d734419e6
sha256: dce266420bdfbea80114fdca23c8ca22c2cdb4030d7e62ea878590f330c8915a
sha512: 75dc5364655540d88d596d3dfb17c2508e4734824b65d685a945ea94412ce6f60bd3c5e11aa5a9a04e8312dcbb063aec7cb8724e40ae6bf62c63e338eaa0cec5
ssdeep: 6144:NIi9FulAwN21gbPKax//SjQd0XZhankAFE9oWfqcC12/y:V/nRKbvxHSjQd0phanBEBfqcCQ/y
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T192541249BBBBF404C19212BC189AF3C52539D1580E6AD9B29D444C6B9D7C3DEFF63222
sha3_384: bcc87dc189a091de7ce17368419b626c6f986f0fb13646e5951d3dca2fb93ccf5a8794858f89a985717c83718db4e4d7
ep_bytes: 558bec81ec5c0100008b152cea4200eb
timestamp: 2012-08-21 01:38:04

Version Info:

ProductName: Marsukife® Visatl Studio® 2010
FileVersion: 3.44.19300.43906
ProductVersion: 3.44.19300.43906
InternalName: desrinko.exe
OriginalFilename: desrinko.exe
Translation: 0x0409 0x04b0

Trojan.Agent.BGDS also known as:

BkavW32.AIDetect.malware2
tehtrisGeneric.Malware
MicroWorld-eScanTrojan.Agent.BGDS
FireEyeGeneric.mg.38aa482bc9af843a
McAfeeTrojan-FFFI!38AA482BC9AF
CylanceUnsafe
ZillyaTrojan.Kryptik.Win32.854637
SangforSuspicious.Win32.Save.a
K7AntiVirusTrojan ( 0055dd191 )
K7GWTrojan ( 0055dd191 )
Cybereasonmalicious.bc9af8
BitDefenderThetaGen:NN.ZexaF.34592.ru1@aaTFePzO
VirITTrojan.Win32.Siggen6.WKA
CyrenW32/A-2f689734!Eldorado
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of Win32/Kryptik.ARTT
BaiduWin32.Trojan.Kryptik.je
TrendMicro-HouseCallTSPY_ZBOT.SMX1
ClamAVWin.Trojan.Agent-1206049
KasperskyHEUR:Trojan.Win32.Generic
BitDefenderTrojan.Agent.BGDS
NANO-AntivirusTrojan.Win32.Zbot.dgyuzp
CynetMalicious (score: 100)
SUPERAntiSpywareTrojan.Agent/Gen-Zbot
APEXMalicious
TencentTrojan.Win32.Zbot.c
Ad-AwareTrojan.Agent.BGDS
EmsisoftTrojan.Agent.BGDS (B)
ComodoTrojWare.Win32.Kryptik.CNNY@5ggyvf
DrWebTrojan.Siggen6.15132
VIPRETrojan.Agent.BGDS
TrendMicroTSPY_ZBOT.SMX1
McAfee-GW-EditionTrojan-FFFI!38AA482BC9AF
Trapminemalicious.high.ml.score
SophosML/PE-A + Troj/Agent-AIIM
IkarusTrojan-Spy.Zbot
GDataTrojan.Agent.BGDS
JiangminTrojanSpy.Zbot.egkm
AviraHEUR/AGEN.1227067
MAXmalware (ai score=83)
Antiy-AVLTrojan/Generic.ASMalwS.31
KingsoftWin32.Troj.Zbot.uk.(kcloud)
ArcabitTrojan.Agent.BGDS
ZoneAlarmHEUR:Trojan.Win32.Generic
MicrosoftPWS:Win32/Zbot
GoogleDetected
AhnLab-V3Trojan/Win32.ZBot.R121788
Acronissuspicious
VBA32TrojanSpy.Zbot
ALYacTrojan.Agent.BGDS
TACHYONTrojan-Spy/W32.ZBot.287290
MalwarebytesBackdoor.Agent.RND
AvastWin32:Agent-AUYE [Trj]
RisingTrojan.Generic@AI.100 (RDML:XAzsfKZj3yUc3+hFZuap7g)
YandexTrojan.Kryptik!7RmSsVuhWsc
SentinelOneStatic AI – Malicious PE
FortinetW32/Kryptik.CJJL!tr
AVGWin32:Agent-AUYE [Trj]
PandaTrj/Genetic.gen
CrowdStrikewin/malicious_confidence_100% (W)

How to remove Trojan.Agent.BGDS?

Trojan.Agent.BGDS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment