Should I remove “Trojan.Agent.FDJK”?

Trojan.Agent.FDJK is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.FDJK virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • A ping command was executed with the -n argument possibly to delay analysis
  • Uses Windows utilities for basic functionality
  • Created a process from a suspicious location
  • Detects the presence of Windows Defender AV emulator via files
  • Anomalous binary characteristics

Related domains:

wpad.local-net
s1.symcb.com
NFHKkVZmyilUrslsuuIdK.NFHKkVZmyilUrslsuuIdK

How to determine Trojan.Agent.FDJK?


File Info:

name: 1A2505D8E0CC6D382D85.mlw
path: /opt/CAPEv2/storage/binaries/221ebd5666aeb2cc1287ae91705763dc80123d0bc3bfdf2ea146b6a1ef10d0bb
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-04-02 22:14:34

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Kqw44 Kcgoelz Ztfwmcyyvt
FileVersion: 61.82.1281.13423 (zjztcnu_muv.063660-1171)
InternalName: Ybkatuy
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: AUXPHIP.EXE .OUV
ProductName: Internet Explorer
ProductVersion: 61.82.1281.13423
Translation: 0x0409 0x04b0

Trojan.Agent.FDJK also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Agent.FDJK
FireEye: Generic.mg.1a2505d8e0cc6d38
ALYac: Trojan.Agent.FDJK
Cylance: Unsafe
Sangfor: Trojan.Win32.Crypzip.gen
Alibaba: Trojan:Win32/Crypzip.81de5519
K7GW: Trojan ( 0057849c1 )
K7AntiVirus: Trojan ( 0057849c1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Packed.7zip.A suspicious
Avast: Win32:Trojan-gen
ClamAV: Win.Trojan.Generic-9874371-0
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Trojan.Agent.FDJK
NANO-Antivirus: Trojan.Win32.Crypzip.iqcpdx
Ad-Aware: Trojan.Agent.FDJK
Emsisoft: Trojan.Agent.FDJK (B)
Comodo: ApplicUnwnt@#7qd3g200zs2p
DrWeb: Program.Unwanted.2520
VIPRE: Win32.Malware!Drop
TrendMicro: TrojanSpy.Win32.EVILEE.B
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S + Troj/Agent-BGQN
Paloalto: generic.ml
GData: Win32.Application.iObit.B
Jiangmin: Trojan/CoinMiner.ab.a
Webroot: W32.Adware.Gen
Microsoft: Trojan:Script/Phonzy.A!ml
AhnLab-V3: Trojan/Win.Generic.R372988
McAfee: Artemis!1A2505D8E0CC
VBA32: Trojan.Hesv
Malwarebytes: Trojan.Dropper.WXT.Generic
TrendMicro-HouseCall: TrojanSpy.Win32.EVILEE.B
Rising: Trojan.HiddenRun/SFX!1.D57B (CLASSIC)
Yandex: Riskware.Agent!E+EJ4TSUuiU
Ikarus: Trojan.SuspectCRC
eGambit: PE.Heur.InvalidSig
Fortinet: W32/7Zip.N!tr
AVG: Win32:Trojan-gen
Cybereason: malicious.8e0cc6
Panda: Trj/Agent.ALS
MaxSecure: Trojan.Malware.1728101.susgen

How to remove Trojan.Agent.FDJK?

Trojan.Agent.FDJK removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
