Categories: Trojan

Trojan.Agent.CTNF removal tips

The Trojan.Agent.CTNF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Agent.CTNF virus can do?

Injection (inter-process)
Injection (Process Hollowing)
Executable code extraction
Injection with CreateRemoteThread in a remote process
Creates RWX memory
Mimics the system’s user agent string for its own requests
At least one IP Address, Domain, or File Name was found in a crypto call
Starts servers listening on 127.0.0.1:30086
Reads data out of its own binary image
Drops a binary and executes it
Unconventionial language used in binary resources: Russian
The binary likely contains encrypted or compressed data.
Uses Windows utilities for basic functionality
Executed a process and injected code into it, probably while unpacking
Code injection with CreateRemoteThread in a remote process
Deletes its original binary from disk
Tries to unhook or modify Windows functions monitored by Cuckoo
Steals private information from local Internet browsers
A system process is generating network traffic likely as a result of process injection
Installs itself for autorun at Windows startup
Collects information about installed applications
Likely virus infection of existing system binary
Attempts to modify proxy settings
Attempts to modify browser security settings
Creates a copy of itself
Harvests credentials from local FTP client softwares
Creates a slightly modified copy of itself
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

daicoaero.ru

How to determine Trojan.Agent.CTNF?


File Info:
crc32: 34F33377md5: 059b3d069c3c4434c99c235698f1d11cname: 059B3D069C3C4434C99C235698F1D11C.mlwsha1: 71e998c014a69002efce34b7a87988d1e0103d13sha256: 23c2f472889bcc86e923a5c11b2dfe9567f7842b9168674836e1516887de8d7esha512: f306a65ba9dca9fc7f57300fe93c465089768ff9bee4d87b61731c57327bd69279c3c25210ecb086400d2218787c9124439db82946e3bad0fced042f66b96f2assdeep: 24576:k5kxpZO/KyehROvULJ9c8C1bZBBqPeiDU1GKeEK6Wo:LhXOsN+8CJrBoesU7ltype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
0: [No Data]

Trojan.Agent.CTNF also known as:

Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader26.11210
ALYac	Trojan.Agent.CTNF
Cylance	Unsafe
Sangfor	Backdoor.Win32.Androm.gen
CrowdStrike	win/malicious_confidence_100% (W)
Cybereason	malicious.69c3c4
Cyren	W32/Injector.JI.gen!Eldorado
Symantec	Packed.Generic.526
ESET-NOD32	a variant of Win32/Injector.DVDZ
APEX	Malicious
Avast	Win32:Malware-gen
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Backdoor.Win32.Androm.gen
BitDefender	Trojan.Agent.CTNF
NANO-Antivirus	Trojan.Win32.Zbot.exvfin
MicroWorld-eScan	Trojan.Agent.CTNF
Tencent	Win32.Trojan.Generic.Fih
Ad-Aware	Trojan.Agent.CTNF
Sophos	Mal/Generic-S
BitDefenderTheta	AI:Packer.32E61D3F21
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Dropper.bc
FireEye	Generic.mg.059b3d069c3c4434
Emsisoft	Trojan.Agent.CTNF (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	TrojanSpy.Zbot.flql
Avira	HEUR/AGEN.1130022
eGambit	Unsafe.AI_Score_96%
Antiy-AVL	Trojan[Spy]/Win32.Zbot
Microsoft	Trojan:Win32/Lokibot.PB!MTB
Arcabit	Trojan.Agent.CTNF
GData	Trojan.Agent.CTNF
AhnLab-V3	Trojan/Win32.Agent.C2355816
McAfee	Artemis!059B3D069C3C
MAX	malware (ai score=98)
VBA32	Trojan.Downloader
Panda	Trj/GdSda.A
Yandex	Trojan.GenAsa!GU498ooLVGc
Ikarus	Trojan.Win32.Injector
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Injector.EGXE!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml