About “Trojan.Agent.DPBX” infection

Trojan.Agent.DPBX is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.DPBX virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Performs some HTTP requests
  • Uses Windows utilities for basic functionality
  • Crashed cuckoomon during analysis. Report this error to the Github repo.
  • Creates a hidden or system file
  • Attempts to modify proxy settings

Related domains:

www.bing.com
bm25yp.com

How to identify Trojan.Agent.DPBX?


File Info:

crc32: 5CA6C127
md5: 32531c9f01e95106554d5c24413550ad
name: 32531C9F01E95106554D5C24413550AD.mlw
sha1: 792467134bbd3b7023bce17f5b997cb4a3e2794f
sha256: 430f598b3fccb2a5ba9f1f1e48a224202796ee59ad815f285ef81ef52583a26a
sha512: a02b400fea0f239feca8cd336f6cd0193abf6f6ed224c2cf5046673bd47121ba6983b33a9daa57e382acc9a0e9ac9825dfc09bb0a4b62ae16d0695a80d6f0c5b
ssdeep: 6144:QfsvEug4/COMAIOVW3Uqz/HJpadR5FzCgF:QKEufaORxezE5Fz
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (c) 2004-2011, Motionsoft segment Equatechord must sense
InternalName: Stretchbrown
FileVersion: 13.7.69.65
LegalTrademarks: Stretchbrown shouldface hat
ProductName: Stretchbrown
ProductVersion: 13.7.69.65
FileDescription: Stretchbrown
OriginalFilename: Donelevel.exe
Translation: 0x0409 0x04b0

Trojan.Agent.DPBX also known as:

Bkav: W32.FamVT.RazyNHmA.Trojan
K7AntiVirus: Trojan ( 005473e11 )
Elastic: malicious (high confidence)
DrWeb: BackDoor.Poison.19083
Cynet: Malicious (score: 100)
ALYac: Trojan.Agent.DPBX
Cylance: Unsafe
Zillya: Trojan.Ursnif.Win32.6748
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanSpy:Win32/Ursnif.618cfc1e
K7GW: Trojan ( 005473e11 )
Cybereason: malicious.f01e95
Cyren: W32/S-adb7f341!Eldorado
Symantec: Trojan.Ursnif
ESET-NOD32: a variant of Win32/Kryptik.GPMV
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Malware.Dpbx-6853623-0
Kaspersky: Trojan-Spy.Win32.Ursnif.agqi
BitDefender: Trojan.Agent.DPBX
NANO-Antivirus: Trojan.Win32.Poison.fmrmom
MicroWorld-eScan: Trojan.Agent.DPBX
Tencent: Malware.Win32.Gencirc.10b1f0f5
Ad-Aware: Trojan.Agent.DPBX
Sophos: Mal/Generic-S
Comodo: TrojWare.Win32.TrojanSpy.Ursnif.GP@81wf2z
BitDefenderTheta: Gen:NN.ZexaF.34236.xq0@aqOoovei
VIPRE: Trojan.Win32.Zbot.ata (v)
McAfee-GW-Edition: BehavesLike.Win32.Ursnif.fm
FireEye: Generic.mg.32531c9f01e95106
Emsisoft: Trojan.Agent.DPBX (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: TrojanSpy.Ursnif.cbx
Avira: HEUR/AGEN.1114562
Antiy-AVL: Trojan/Generic.ASMalwS.2A7D816
Microsoft: Trojan:Win32/Ursnif.BE!MTB
Arcabit: Trojan.Agent.DPBX
GData: Trojan.Agent.DPBX
TACHYON: Trojan-Spy/W32.Ursnif.380928.B
AhnLab-V3: Malware/Gen.Generic.C3002208
Acronis: suspicious
McAfee: Ursnif-FQIR!32531C9F01E9
MAX: malware (ai score=84)
VBA32: TrojanSpy.Ursnif
Malwarebytes: Trojan.Downloader
Panda: Trj/Genetic.gen
Rising: Trojan.Generic@ML.100 (RDML:VBaI4QZH9R6uDpofdoSe0A)
Ikarus: Trojan.Win32.Crypt
MaxSecure: Trojan.Malware.74119004.susgen
Fortinet: W32/Kryptik.GPMV!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml

How to remove Trojan.Agent.DPBX?

Trojan.Agent.DPBX removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
