
About “Trojan.Agent.ED” infection


The Trojan.Agent.ED is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.ED virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup
  • Exhibits behavior characteristic of Pony malware
  • Exhibits possible ransomware file modification behavior
  • Collects information about installed applications
  • Creates a hidden or system file
  • Creates a copy of itself
  • Harvests credentials from local FTP client software
  • Anomalous binary characteristics

How to identify Trojan.Agent.ED?


File Info:

crc32: 418191F1
md5: deae946554c45e057b69e154c3cf1257
name: DEAE946554C45E057B69E154C3CF1257.mlw
sha1: 86e5503ebff62c18429fa7b0d60e7aab726a2bc9
sha256: a4ce4ad33ae7a4edd15238549afc57a81c49f161e9160a608b4fb4757adf5761
sha512: d886fac22319f9858198c8ba937f71cb128506430ec6a56abf0db20d41ab8b8c0156206a965bb1e4fe2b0897fa6c5b5760b3be0b6b906cc20ab5b9e6c34dcc91
ssdeep: 6144:3kBtdmmpZnxJRhYLT9crY8LAdu4Nu0dSkXYGfuuLzbC30YJT6GPqSnUQS:0LdmuxJRWLCrY8A9PGuLzbCkixySnNS
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2011
InternalName: ISCT and IFFS Driver
FileVersion: 1, 0, 0, 1002
ProductName: ISCT Driver
ProductVersion: 1, 0, 0, 1002
FileDescription: ISCT and IFFS Driver
OriginalFilename: ISCTD.sys
Translation: 0x0409 0x04b0

Trojan.Agent.ED also known as:

Bkav: W32.AIDetectVM.malware2
MicroWorld-eScan: Trojan.GenericKDZ.26384
FireEye: Generic.mg.deae946554c45e05
ALYac: Trojan.GenericKDZ.26384
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Trojan ( 0040f99b1 )
BitDefender: Trojan.GenericKDZ.26384
K7GW: Trojan ( 0040f99b1 )
Cybereason: malicious.554c45
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:GenMalicious-IUG [Trj]
ClamAV: Win.Trojan.Generickdz-6940546-0
Tencent: Trojan.Win32.Inject.sbeca
Ad-Aware: Trojan.GenericKDZ.26384
Sophos: Troj/HkMain-BS
Comodo: TrojWare.Win32.Spy.Zbot.DKA@5ieycx
F-Secure: Trojan.TR/Spy.Zbot.osdez
DrWeb: Trojan.Mayachok.18828
Invincea: ML/PE-A + Troj/HkMain-BS
McAfee-GW-Edition: Generic-FAVG!DEAE946554C4
Emsisoft: Trojan.GenericKDZ.26384 (B)
Ikarus: Trojan-PSW.Win32.Tepfer
Jiangmin: Trojan.Fury.ez
Webroot: Trojan.Dropper.Gen
Avira: TR/Spy.Zbot.osdez
eGambit: Unsafe.AI_Score_100%
Antiy-AVL: Trojan[Ransom]/Win32.Fury
Microsoft: VirTool:Win32/Vigorf.A
Gridinsoft: Trojan.Heur!.02012A01
Arcabit: Trojan.Generic.D6710
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
GData: Trojan.GenericKDZ.26384
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Necurs.R123848
Acronis: suspicious
McAfee: Generic-FAVG!DEAE946554C4
MAX: malware (ai score=84)
Malwarebytes: Trojan.Agent.ED
Panda: Generic Suspicious
ESET-NOD32: a variant of Win32/Injector.BPNZ
Rising: Malware.Undefined!8.C (TFE:1:I2VwTjj1boD)
Yandex: Trojan.GenAsa!Jt1Us+jv2N0
SentinelOne: Static AI – Malicious PE
MaxSecure: Virus.PECorrupt
Fortinet: W32/HkMain.BN!tr
BitDefenderTheta: Gen:NN.ZexaF.34634.wy0@ayyZBfjj
AVG: Win32:GenMalicious-IUG [Trj]

How to remove Trojan.Agent.ED?

Trojan.Agent.ED removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
