Trojan.Agent.CZYO (file analysis)

Trojan.Agent.CZYO is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.CZYO virus do?

  • Executable code extraction
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Installs itself for autorun at Windows startup
  • Attempts to identify installed AV products by registry key
  • Anomalous binary characteristics

How to identify Trojan.Agent.CZYO?


File Info:

crc32: AA64D3D2
md5: 50afa8ec255037bcc720cd949e1583c3
name: 50AFA8EC255037BCC720CD949E1583C3.mlw
sha1: 22caca8a43752052b6c8c42e9586813902ebc652
sha256: 1e19d96af6ea389e8cad7b93821d975dea3ad3528d2deab62c7a03e5ec0a38b0
sha512: 4e26e349a8cdb615fd3292539aa50e913ab7715c78b46ba41aa5405f0cd690b2c103d8e363f089af79d7e97b5a499f59a7e7a8831d6f9c17ba6e2ea0b61b8fd1
ssdeep: 6144:hmc1Dvz7pvCeIzKnNk02Rb1TboGwrdt3nzwNPKNz9Q:0c1D3pqeGeNN2r4Ddt3nznp
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © 2005 Info-Zip
InternalName: unzip
FileVersion: 5.51.1871.34282
License: see contrib/LICENSE
CompanyName: Info-Zip
PrivateBuild: Patchlevel 1
LegalTrademarks: Info-Zip®, UnZip®, unzip®
WWW: http://www.info-zip.org/UnZip.html
ProductName: UnZip
SpecialBuild: GNU for Win32
ProductVersion: 5.51.1871.34282
FileDescription: UnZip SPECS UnZip: list, test and extract compressed files in a ZIP archive
OriginalFilename: unzip.exe
Translation: 0x0409 0x04e4

Trojan.Agent.CZYO also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 00533b461 )
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen7.54891
Cynet: Malicious (score: 100)
ALYac: Trojan.Agent.CZYO
Cylance: Unsafe
Zillya: Trojan.Yakes.Win32.68663
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (D)
K7GW: Trojan ( 00533b461 )
Cybereason: malicious.c25503
Cyren: W32/Trojan.BUF.gen!Eldorado
Symantec: Packed.Generic.459
ESET-NOD32: a variant of Win32/Kryptik.GHOY
APEX: Malicious
Avast: Win32:TrojanX-gen [Trj]
ClamAV: Win.Dropper.Bunitu-7586785-0
Kaspersky: HEUR:Trojan.Win32.NetStream.gen
BitDefender: Trojan.Agent.CZYO
NANO-Antivirus: Trojan.Win32.Kryptik.fdyxgm
MicroWorld-eScan: Trojan.Agent.CZYO
Tencent: Malware.Win32.Gencirc.10ba5d7c
Ad-Aware: Trojan.Agent.CZYO
Sophos: ML/PE-A + Mal/Cerber-AM
Comodo: TrojWare.Win32.TrojanProxy.Bunitu.GHF@7otpks
BitDefenderTheta: Gen:NN.ZexaF.34266.tq1@a4F3tnmi
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TrojanSpy.Win32.TRICKBOT.SMB.hp
McAfee-GW-Edition: Trickbot-FRDP!50AFA8EC2550
FireEye: Generic.mg.50afa8ec255037bc
Emsisoft: Trojan.Agent.CZYO (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Yakes.zwg
Webroot: W32.Adware.Installcore
Avira: TR/Bunitu.vkmqv
Antiy-AVL: Trojan/Generic.ASMalwS.2696756
Microsoft: TrojanProxy:Win32/Bunitu!rfn
Arcabit: Trojan.Agent.CZYO
GData: Trojan.Agent.CZYO
AhnLab-V3: Malware/Win32.Generic.C2566553
Acronis: suspicious
McAfee: Trickbot-FRDP!50AFA8EC2550
MAX: malware (ai score=98)
VBA32: BScope.Trojan.Yakes
Malwarebytes: Malware.AI.547941556
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TrojanSpy.Win32.TRICKBOT.SMB.hp
Rising: Trojan.Kryptik!1.B2B8 (CLASSIC)
Yandex: Trojan.GenAsa!9YjysY0c8vo
Ikarus: Trojan.Crypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.GLWT!tr
AVG: Win32:TrojanX-gen [Trj]
Paloalto: generic.ml

How to remove Trojan.Agent.CZYO?

Trojan.Agent.CZYO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
