Trojan.Agent.CYMT removal instructions

Trojan.Agent.CYMT is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.CYMT virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan.Agent.CYMT?

File Info:

name: 1583483746A25521BF53.mlw
path: /opt/CAPEv2/storage/binaries/eeb247fe9919e2e20fe02d0d1d7bbc4a4428a0e335fb7fb74402d8c56454effe
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2014-07-01 18:02:13

Version Info:

0: [No Data]

Trojan.Agent.CYMT also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Tool.Snojan.1
MicroWorld-eScan: Trojan.Agent.CYMT
FireEye: Generic.mg.1583483746a25521
CAT-QuickHeal: Trojan.AgentbIH.S20216328
McAfee: Downloader-FCJE!1583483746A2
Malwarebytes: Malware.AI.2575158490
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0058cb101 )
K7GW: Trojan ( 0058cb101 )
BitDefenderTheta: Gen:NN.ZexaF.34666.jCW@aCRfwAj
Cyren: W32/S-f9d51e84!Eldorado
Symantec: SMG.Heur!gen
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Agent.AAEF
ClamAV: Win.Malware.Snojan-6775202-0
Kaspersky: VHO:Flooder.Win32.Convagent.gen
BitDefender: Trojan.Agent.CYMT
NANO-Antivirus: Trojan.Win32.Snojan.evvppm
Avast: Win32:Banker-LAA [Trj]
Tencent: Flooder.Win32.CoreWarrior.ha
Ad-Aware: Trojan.Agent.CYMT
Sophos: Troj/Bdoor-BHD
Comodo: TrojWare.Win32.Snojan.B@7h1cjp
Zillya: Trojan.GenericKD.Win32.100891
McAfee-GW-Edition: BehavesLike.Win32.Generic.cm
SentinelOne: Static AI – Suspicious PE
Emsisoft: Trojan.Agent.CYMT (B)
Ikarus: not-a-virus:Downloader.Snojan
GData: Win32.Application.Snojan.A
Jiangmin: Downloader.Snojan.adp
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Downloader/Win.Nemucod.C4762062
VBA32: BScope.Trojan.Agentb
TACHYON: Trojan/W32.CoreWarrior.159744
APEX: Malicious
Rising: Trojan.Agent!8.B1E (RDMK:cmRtazqN2h8TuQw/XCwfxDMzJtpJ)
Yandex: Trojan.Agent!1wHGpufRGYc
MAX: malware (ai score=85)
Fortinet: Riskware/Snojan
AVG: Win32:Banker-LAA [Trj]
Cybereason: malicious.746a25
Panda: Trj/Genetic.gen

How to remove Trojan.Agent.CYMT?

Trojan.Agent.CYMT removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
