Trojan.Agent.CZOP malicious file

Trojan.Agent.CZOP is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.CZOP virus do?

  • Executable code extraction
  • Creates RWX memory
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Spanish (Guatemala)
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

edgedl.gvt1.com

How to determine Trojan.Agent.CZOP?


File Info:

crc32: 89D51EFE
md5: 599e7de6d49ab9ea4e286b4602d7cb8c
name: 599E7DE6D49AB9EA4E286B4602D7CB8C.mlw
sha1: 5254fa20efb9e46b66d26a5ea03de542e9f3badc
sha256: 4e3e046d0bc1d2f5f81571c00fbd1ece1722b0fafcdd8d8653dc57c9b380774b
sha512: 7f97cbd5a4dd003de494f5e5eb0272b59d3e776dc5ab79d41149f1d6b4fb09c54f2f00ee93e1fcab8d3472cc5cbf01909f583a81aad1b01fda907d06ec49934e
ssdeep: 6144:acGUomtuNAOocUxqAsXHvLV5gMzkk0QcMJU8c8xUj:LRluNVqWDTTE5p8c+Uj
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2017, tvevabhuehb
FileVersion: 6.3.6.8
ProductVersion: 6.3.6.8
Translation: 0x0809 0x04b0

Trojan.Agent.CZOP also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Agent.CZOP
CAT-QuickHeal: Trojan.Chapak.ZZ5
ALYac: Trojan.Agent.CZOP
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0053305e1 )
BitDefender: Trojan.Agent.CZOP
K7GW: Trojan ( 00532e631 )
CrowdStrike: win/malicious_confidence_100% (D)
Cyren: W32/S-2775023f!Eldorado
Symantec: Packed.Generic.525
APEX: Malicious
Avast: Win32:Spy-CC [Trj]
ClamAV: Win.Malware.Czop-7373814-0
Kaspersky: HEUR:Trojan.Win32.Generic
NANO-Antivirus: Trojan.Win32.Encoder.fcuxgf
ViRobot: Trojan.Win32.GandCrab.Gen.A
Tencent: Malware.Win32.Gencirc.10b9e802
Ad-Aware: Trojan.Agent.CZOP
TACHYON: Ransom/W32.GandCrab
Emsisoft: Trojan.Agent.CZOP (B)
Comodo: TrojWare.Win32.Cloxer.AY@7o68fu
F-Secure: Heuristic.HEUR/AGEN.1103298
DrWeb: Trojan.Encoder.24384
Zillya: Trojan.GandCrypt.Win32.237
TrendMicro: Ransom.Win32.GANDCRAB.SMLA.hp
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
FireEye: Generic.mg.599e7de6d49ab9ea
Sophos: Mal/Generic-R + Mal/Agent-AUL
Ikarus: Trojan.Win32.CryptInject
Jiangmin: RiskTool.BitCoinMiner.hnn
Avira: HEUR/AGEN.1103298
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Win32.TSGeneric
Microsoft: Ransom:Win32/GandCrab.AE
Arcabit: Trojan.Agent.CZOP
SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Agent.CZOP
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/Gandcrab.Exp
Acronis: suspicious
McAfee: GenericRXFO-TL!599E7DE6D49A
MAX: malware (ai score=100)
VBA32: Malware-Cryptor.Limpopo
Malwarebytes: Gandcrab.Ransom.Encrypt.DDS
Panda: Trj/Genetic.gen
ESET-NOD32: a variant of Win32/Kryptik.GHEC
TrendMicro-HouseCall: Ransom.Win32.GANDCRAB.SMLA.hp
Rising: Trojan.Fuerboos!8.EFC8 (CLOUD)
Yandex: Trojan.GenAsa!TnoFt+aGns0
SentinelOne: Static AI – Malicious PE
MaxSecure: Ransomeware.CRAB.gen
Fortinet: W32/GenKryptik.CNAR!tr
BitDefenderTheta: Gen:NN.ZexaF.34590.sy1@auDM4FVG
AVG: Win32:Spy-CC [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.427

How to remove Trojan.Agent.CZOP?

Trojan.Agent.CZOP removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.