Categories: Trojan

What is “Trojan.Agent.DPBX (B)”?

The Trojan.Agent.DPBX (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Agent.DPBX (B) virus can do?

Behavioural detection: Executable code extraction – unpacking
Yara rule detections observed from a process memory dump/dropped files/CAPE
Creates RWX memory
Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Network activity detected but not expressed in API logs
CAPE detected the Ursnif3 malware family

Related domains:

wpad.local-net

How to determine Trojan.Agent.DPBX (B)?


File Info:
name: 76B0EAB5125242250059.mlwpath: /opt/CAPEv2/storage/binaries/dbd95d07037499c211584d961dd05683af6ed49c35240b234d8bbcad4e5dea6bcrc32: 3D9B0CDAmd5: 76b0eab51252422500591f3549eedbf1sha1: 6c7fab907de07eebbb8d33785fa4d238826bd24dsha256: dbd95d07037499c211584d961dd05683af6ed49c35240b234d8bbcad4e5dea6bsha512: 67ba3a73d325619c7f59380743396164d37d2826f92c580ed73ad5971bc49a6821d461ee784c1f09ccb50dbf61d3bde1db41ced6f05ced73cc4e130dab9f46ecssdeep: 6144:QfsvEug4/COMAIOVW3Uqz/HJpadR5FzdgF:QKEufaORxezE5Fztype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1EC84F6F3611A94F9E25631B5661B4F1F43026EACF9E054A21CFE77F9E1B20B740E0A60sha3_384: 3a18cb16ae9ff562125491ec88be4bf7f2bbdf25d73c9f1b1af65adef4be5fbf9acf8529f95a15fb5d01134bcdc62d4aep_bytes: e8e8180000e916feffff558bec81ec28timestamp: 2007-02-06 10:08:27
Version Info:
FileDescription: StretchbrownOriginalFilename: Donelevel.exeInternalName: StretchbrownLegalCopyright: Copyright (c) 2004-2011, Motionsoft segment Equatechord must senseProductName: StretchbrownProductVersion: 13.7.69.65LegalTrademarks: Stretchbrown shouldface hatFileVersion: 13.7.69.65Translation: 0x0409 0x04b0

Trojan.Agent.DPBX (B) also known as:

Bkav	W32.FamVT.RazyNHmA.Trojan
Lionic	Trojan.Win32.Ursnif.4!c
Elastic	malicious (high confidence)
DrWeb	BackDoor.Poison.19083
ClamAV	Win.Malware.Dpbx-6853623-0
FireEye	Generic.mg.76b0eab512524225
McAfee	Ursnif-FQIR!76B0EAB51252
Cylance	Unsafe
VIPRE	Trojan.Win32.Zbot.ata (v)
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 005473e11 )
Alibaba	TrojanSpy:Win32/Ursnif.89a51660
K7GW	Trojan ( 005473e11 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	Gen:NN.ZexaF.34294.xq0@aqOoovei
Cyren	W32/S-adb7f341!Eldorado
Symantec	Trojan.Ursnif
ESET-NOD32	a variant of Win32/Kryptik.GPMV
Paloalto	generic.ml
Cynet	Malicious (score: 100)
Kaspersky	Trojan-Spy.Win32.Ursnif.agqi
BitDefender	Trojan.Agent.DPBX
NANO-Antivirus	Trojan.Win32.Poison.fmrmom
MicroWorld-eScan	Trojan.Agent.DPBX
Avast	Win32:Trojan-gen
Rising	Trojan.Generic@ML.94 (RDML:VBaI4QZH9R6uDpofdoSe0A)
Ad-Aware	Trojan.Agent.DPBX
Sophos	Mal/Generic-S
Comodo	TrojWare.Win32.TrojanSpy.Ursnif.GP@81wf2z
Zillya	Trojan.Ursnif.Win32.6748
McAfee-GW-Edition	Ursnif-FQIR!76B0EAB51252
Emsisoft	Trojan.Agent.DPBX (B)
Ikarus	Trojan.Win32.Crypt
GData	Trojan.Agent.DPBX
Jiangmin	TrojanSpy.Ursnif.cbx
Avira	HEUR/AGEN.1114562
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Generic.ASMalwS.2A7D816
Microsoft	Trojan:Win32/Ursnif.BE!MTB
AhnLab-V3	Malware/Gen.Generic.C3002208
Acronis	suspicious
ALYac	Trojan.Agent.DPBX
TACHYON	Trojan-Spy/W32.Ursnif.380928.B
VBA32	TrojanSpy.Ursnif
Malwarebytes	Trojan.Downloader
APEX	Malicious
Tencent	Malware.Win32.Gencirc.10b1f0f5
Yandex	TrojanSpy.Ursnif!ILRRXS0sEfE
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_81%
Fortinet	W32/Kryptik.GPMV!tr
AVG	Win32:Trojan-gen
Panda	Trj/Genetic.gen
MaxSecure	Trojan.Malware.74119004.susgen