Trojan.Agent.CNPA information

Trojan.Agent.CNPA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Agent.CNPA virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Arabic (Algeria)
  • Uses Windows utilities for basic functionality
  • Creates a hidden or system file
  • Attempts to modify proxy settings

Related domains:

persist.tippled.ru
formany.eastus.cloudapp.azure.com
www.bing.com

How to identify Trojan.Agent.CNPA?

File Info:

crc32: A9C5C98A
md5: 5385b17b7db6d461e26072ae7d577fab
name: 5385B17B7DB6D461E26072AE7D577FAB.mlw
sha1: ae152fdefab41f358f85f142ce2241226ac8b5d8
sha256: 1dc19e1f457bfea68a6ba3741d17945b622f23c1e2a91e72b1be2bd66cf0a6ac
sha512: 154d67001436fa865f17dd039b9acfafcc7baa48db0893b70446e04b0ee0df51dea856ac2ebd1748b50821c5a966e6f260f475d04e0705fde6cc66daff272f7a
ssdeep: 3072:qwuRqPppO8tFvLC0A6/1A2UmZ6D8L+pFyzuVZVMYwHKUa/j:1ppO8Do7pppwHKU8
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Trojan.Agent.CNPA also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan-Downloader ( 0051835a1 )
Lionic: Adware.Win32.Generic.2!c
Elastic: malicious (high confidence)
DrWeb: Trojan.InstallMonster.2376
Cynet: Malicious (score: 100)
CAT-QuickHeal: PUA.Mauvaise.S1559878
ALYac: Trojan.Agent.CNPA
Cylance: Unsafe
Zillya: Downloader.Tovkater.Win32.447
Sangfor: Trojan.Win32.Tovkater.8
Alibaba: TrojanDownloader:Win32/Tovkater.63b0d45c
K7GW: Trojan-Downloader ( 0051835a1 )
Cybereason: malicious.b7db6d
Cyren: W32/Trojan.CCO_C.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/TrojanDownloader.Tovkater.EG
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: not-a-virus:HEUR:AdWare.Win32.Generic
BitDefender: Trojan.Agent.CNPA
NANO-Antivirus: Riskware.Win32.TOVus.etbcjx
MicroWorld-eScan: Trojan.Agent.CNPA
Tencent: Malware.Win32.Gencirc.10b402d7
Ad-Aware: Trojan.Agent.CNPA
Sophos: Mal/Generic-S
Comodo: ApplicUnwnt@#2t2ix5viax29v
BitDefenderTheta: Gen:NN.ZexaF.34266.vyY@airDhFcG
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.fm
FireEye: Generic.mg.5385b17b7db6d461
Emsisoft: Trojan.Agent.CNPA (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: AdWare.TOVus.bg
Webroot: W32.Adware.Gen
Avira: HEUR/AGEN.1103329
Antiy-AVL: Trojan/Generic.ASMalwS.21FE22A
Microsoft: Trojan:Win32/Occamy.C
GData: Trojan.Agent.CNPA
TACHYON: Trojan/W32.Agent.347136.GO
AhnLab-V3: PUP/Win32.Bundler.R210235
McAfee: Artemis!5385B17B7DB6
MAX: malware (ai score=99)
VBA32: Trojan.InstallMonster
Malwarebytes: Trojan.Downloader
Panda: Trj/Genetic.gen
Rising: Trojan.Generic@ML.95 (RDML:SzgdxiQCqY0xsUCAj77CLQ)
Yandex: Trojan.GenAsa!77g2MYxKdOY
Ikarus: Trojan-Downloader.Win32.Tovkater
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Tovkater.EG!tr.dldr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Trojan.Agent.CNPA?

Trojan.Agent.CNPA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
