Trojan.Agent.EIOL (file analysis)

Trojan.Agent.EIOL is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.EIOL virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Uses Windows utilities for basic functionality
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the Ursnif3 malware family
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Agent.EIOL?

File Info:

name: 02BDA02E14297E19482E.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-12-02 09:29:53

Version Info:

CompanyName: Numerix Felt Top Corporation
FileDescription: Numerix Felt Top SinceShort
FileVersion: 9.4.62.89 built by: 51899
InternalName: fascamp.exe
LegalCopyright: © Numerix Felt Top Corporation. All rights reserved.
OriginalFilename: fascamp.exe
ProductName: Numerix Felt Top ®Numerix Felt Top ® 2015
ProductVersion: 9.4.62.89
Translation: 0x0409 0x04b0

Trojan.Agent.EIOL also known as:

Lionic: Trojan.Win32.Cridex.14!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Agent.EIOL
ClamAV: Win.Malware.Ursnif-9946252-0
Skyhigh: Trojan-FRGC!02BDA02E1429
McAfee: Trojan-FRGC!02BDA02E1429
Cylance: unsafe
Zillya: Trojan.Cridex.Win32.420
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Spyware ( 00552cf91 )
Alibaba: TrojanBanker:Win32/Ursnif.2796f2cf
K7GW: Spyware ( 00552cf91 )
CrowdStrike: win/malicious_confidence_100% (W)
VirIT: Trojan.Win32.PSWStealer.PL
Symantec: Trojan.Gen.MBT
ESET-NOD32: Win32/Spy.Ursnif.CT
Zoner: Trojan.Win32.85568
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: Trojan-Banker.Win32.Cridex.hce
BitDefender: Trojan.Agent.EIOL
NANO-Antivirus: Trojan.Win32.Gozi.gkkzjc
Avast: Win32:BankerX-gen [Trj]
Tencent: Malware.Win32.Gencirc.10b22819
Emsisoft: Trojan-Spy.Ursnif (A)
F-Secure: Trojan.TR/AD.UrsnifDropper.jgh
DrWeb: Trojan.Gozi.609
VIPRE: Trojan.Agent.EIOL
FireEye: Generic.mg.02bda02e14297e19
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.Banker.Cridex.fh
Webroot: W32.Trojan.Emotet
Google: Detected
Avira: TR/AD.UrsnifDropper.jgh
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Banker]/Win32.Cridex
Kingsoft: malware.kb.a.983
Microsoft: Trojan:Win32/Ursnif.RVR!MTB
Xcitium: Malware@#2fmwc78gpz3cq
Arcabit: Trojan.Agent.EIOL
ZoneAlarm: Trojan-Banker.Win32.Cridex.hce
GData: Trojan.Agent.EIOL
Varist: W32/Emotet.ACR.gen!Eldorado
AhnLab-V3: Trojan/Win32.Ursnif.R301862
BitDefenderTheta: Gen:NN.ZexaF.36744.ou0@aS1hiKdi
ALYac: Trojan.Agent.EIOL
TACHYON: Banker/W32.Cridex.238080
VBA32: TrojanBanker.Cridex
Malwarebytes: Trojan.Injector
Panda: Trj/Genetic.gen
Rising: Spyware.Ursnif!8.1DEF (KTSE)
Yandex: Trojan.PWS.Cridex!icR4TVd/kes
Ikarus: Trojan.ZLoader
MaxSecure: Trojan.Malware.74722470.susgen
Fortinet: W32/Ursnif.AJKA!tr
AVG: Win32:BankerX-gen [Trj]
Cybereason: malicious.0f3f00
DeepInstinct: MALICIOUS

How to remove Trojan.Agent.EIOL?

Trojan.Agent.EIOL removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.