Trojan

Should I remove “Trojan.Agent.GACU”?

Malware Removal

The Trojan.Agent.GACU is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.Agent.GACU virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Unconventionial language used in binary resources: Azeri
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Collects information to fingerprint the system

How to determine Trojan.Agent.GACU?



File Info:

name: 0CB08975ECC43862F59D.mlw
path: /opt/CAPEv2/storage/binaries/ec35f59b6e67cab4fa60ec2847507b38a527ed757a381cd6fc06a5a664661859
crc32: 2DF48BF4
md5: 0cb08975ecc43862f59d177bb0c5651a
sha1: d47afb8b0b4938eeeb1dd1e1cf8c13e9d0585f92
sha256: ec35f59b6e67cab4fa60ec2847507b38a527ed757a381cd6fc06a5a664661859
sha512: 6751071a4a8d906411a6dae9251dd452344ffe102dd6371c042ba2ff8733629e4196ffe9a85c36fce69dfe5062e819a62b62c9e44eaa50ca49aa6e63b35578ab
ssdeep: 24576:AFLkovM+nvXzEmw2EobPcKuj9WJvoPA7:uPvD99JvY
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F8257D26B2D0CB37D472167C9D7BB2EC58757E105D2CA44E7AF40F4C1E3AA813A252A7
sha3_384: cbcfbdd0d3c2e8d9f08d2316c666648cc03cc57e0df2539d97832d27c994f3e9c321dad19052fd4990780f1d0c23c03b
ep_bytes: 558bec83c4f0b8547e4c00e8dce4f3ff
timestamp: 1992-06-19 22:22:17


Version Info:

0: [No Data]

Trojan.Agent.GACU also known as:

Elasticmalicious (high confidence)
MicroWorld-eScanTrojan.Agent.GACU
FireEyeTrojan.Agent.GACU
McAfeeArtemis!0CB08975ECC4
CylanceUnsafe
K7GWTrojan ( 005961a01 )
K7AntiVirusTrojan ( 005961a01 )
CyrenW32/Injector.BAS.gen!Eldorado
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of Win32/Injector.ERYS
APEXMalicious
CynetMalicious (score: 100)
KasperskyHEUR:Trojan-Spy.Win32.Stealer.gen
BitDefenderTrojan.Agent.GACU
Ad-AwareTrojan.Agent.GACU
EmsisoftTrojan.Agent.GACU (B)
McAfee-GW-EditionArtemis!Trojan
SophosGeneric ML PUA (PUA)
SentinelOneStatic AI – Suspicious PE
GDataTrojan.Agent.GACU
Antiy-AVLTrojan/Generic.ASMalwS.51F4
MicrosoftTrojan:Win32/Wacatac.B!ml
GoogleDetected
AhnLab-V3Trojan/Win.Agent.C5224738
BitDefenderThetaGen:NN.ZelphiCO.34606.8GW@aa!LAfoO
MAXmalware (ai score=87)
MalwarebytesTrojan.Ursnif
RisingSpyware.Danabot!8.FADB (TFE:3:vbEmXGIQYxG)
IkarusBackdoor.QBot
MaxSecureTrojan.Malware.300983.susgen
AVGWin32:Trojan-gen
Cybereasonmalicious.b0b493
AvastWin32:Trojan-gen

How to remove Trojan.Agent.GACU?

Trojan.Agent.GACU removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment