About “Trojan.Agent.FMCK (B)” infection

Many security experts consider Trojan.Agent.FMCK (B) dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.FMCK (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid

How to identify Trojan.Agent.FMCK (B)?

File Info:

name: 0F21180E96AB19EF2E51.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-01-14 12:29:39

Version Info:

CompanyName: VlRNGhQvx
FileVersion: 0.0.0.0
Translation: 0x0809 0x04b0

Trojan.Agent.FMCK (B) also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Agent.FMCK
FireEye: Trojan.Agent.FMCK
ALYac: Trojan.Agent.FMCK
Sangfor: Virus.Win32.Save.a
K7AntiVirus: Trojan ( 0054bc841 )
K7GW: Trojan ( 0054bc841 )
VirIT: Trojan.Win32.MulDrop8.HPR
Cyren: W32/AutoIt.SQ.gen!Eldorado
ESET-NOD32: a variant of Win32/Autoit.OGC
APEX: Malicious
Kaspersky: UDS:Trojan.Script.Generic
BitDefender: Trojan.Agent.FMCK
Avast: AutoIt:Runner-BG [Trj]
Rising: Malware.UDM!1.BB61 (CLASSIC)
Ad-Aware: Trojan.Agent.FMCK
Emsisoft: Trojan.Agent.FMCK (B)
F-Secure: Worm.WORM/FakeExt.Gen8
TrendMicro: Trojan.AutoIt.VICTORYGATE.SM
McAfee-GW-Edition: BehavesLike.Win32.Trojanaitinject.ch
Sophos: Mal/Generic-R + Troj/Autoit-CPL
Ikarus: Trojan.Win32.Autoit
GData: Trojan.Agent.FMCK (2x)
Avira: WORM/FakeExt.Gen8
MAX: malware (ai score=84)
Arcabit: Trojan.Agent.FMCK
ZoneAlarm: HEUR:Trojan.Script.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.C3346997
McAfee: Artemis!0F21180E96AB
Malwarebytes: Trojan.Dropper
TrendMicro-HouseCall: Trojan.AutoIt.VICTORYGATE.SM
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: AutoIt/Agent.OGC!tr
AVG: AutoIt:Runner-BG [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Agent.FMCK (B)?

Trojan.Agent.FMCK (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.