Trojan.Agent.GBXS malicious file

Trojan.Agent.GBXS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.GBXS virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Trojan.Agent.GBXS?


File Info:

name: 8B4DB822AD5604ABD3F7.mlw
path: /opt/CAPEv2/storage/binaries/4c9880d83021488e9362f37bd5f0d50efc7412b5b627ec1e8b96c03822688b1a
crc32: 55AD9831
md5: 8b4db822ad5604abd3f71a7f900780d8
sha1: 8e4ddc53f22d70fbf2c5f2d8d31a5b9eebafdf7f
sha256: 4c9880d83021488e9362f37bd5f0d50efc7412b5b627ec1e8b96c03822688b1a
sha512: 21083285efec2a6ad5b0a9b52277521648f767979f8d731b910dce775e30e8a1c061dd5ab0bad1137d961455055895b17e741c796874e498390f1ada4e2c0274
ssdeep: 3072:BmofilwjBfQn7WbIqH0ybZBiOllyEmcP82+aVdOt66VGegmp:BmkQn7WbIqH0ybZBiOllyE5D+aVkjseN
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10AD37217B624507FD155D8F57A39C25A30292F7A13A0BC83B780AB19AEB01E3B5F570B
sha3_384: 30fb796087d177995454469a5184b8346283f905d76fccd575ace148cb58ce5149281ffb79a47028c2850a87ba64bb38
ep_bytes: 68d4324000e8f0ffffff000000000000
timestamp: 2011-06-14 05:52:23

Version Info:

Translation: 0x0409 0x04b0
ProductName: bpjdBfJDtCnDMGXSnEK
FileVersion: 1.00
ProductVersion: 1.00
InternalName: QGiXjPwjZEVBiR
OriginalFilename: QGiXjPwjZEVBiR.exe

Trojan.Agent.GBXS also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
DrWeb: Trojan.VbCrypt.60
MicroWorld-eScan: Trojan.Agent.GBXS
CAT-QuickHeal: Trojan.Vobfus.gen
ALYac: Trojan.Agent.GBXS
Malwarebytes: Generic.Worm.AutoRun.DDS
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: EmailWorm ( 0054d10f1 )
K7GW: EmailWorm ( 0054d10f1 )
Cybereason: malicious.2ad560
BitDefenderTheta: AI:Packer.3E93585220
VirIT: Trojan.Win32.Zyx.BW
Cyren: W32/Vobfus.W.gen!Eldorado
Symantec: W32.Changeup
ESET-NOD32: a variant of Win32/AutoRun.VB.ADL
APEX: Malicious
ClamAV: Win.Trojan.VB-1407
Kaspersky: Trojan.Win32.VBKrypt.drhe
BitDefender: Trojan.Agent.GBXS
NANO-Antivirus: Trojan.Win32.VBKrypt.cinawx
SUPERAntiSpyware: Trojan.Agent/Gen-Vobfus
Avast: Win32:VB-VBQ [Trj]
Tencent: Trojan.Win32.VB.sh
TACHYON: Trojan/W32.VB-VBKrypt.139264.Y
Emsisoft: Trojan.Agent.GBXS (B)
F-Secure: Trojan.TR/Kazy.267492
Baidu: Win32.Trojan.VB.j
VIPRE: Trojan.Agent.GBXS
TrendMicro: WORM_VOBFUS.SMHF
McAfee-GW-Edition: BehavesLike.Win32.VBObfus.cm
FireEye: Generic.mg.8b4db822ad5604ab
Sophos: W32/SillyFDC-GC
SentinelOne: Static AI – Malicious PE
GData: Trojan.Agent.GBXS
Avira: TR/Kazy.267492
Antiy-AVL: Worm/Win32.WBNA.gen
Xcitium: TrojWare.Win32.Kazy.AH@3r0szr
Arcabit: Trojan.Agent.GBXS
ZoneAlarm: Trojan.Win32.VBKrypt.drhe
Microsoft: Worm:Win32/Vobfus.CJ
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Tdss.R8428
McAfee: VBObfus.g
MAX: malware (ai score=88)
VBA32: Worm.WBNA
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: WORM_VOBFUS.SMHF
Rising: Trojan.Win32.Fednu.swz (CLASSIC)
Yandex: Trojan.GenAsa!2+cUlzS9nqo
Ikarus: Worm.Win32.Vobfus
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/WBNA.AOW!worm
AVG: Win32:VB-VBQ [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Trojan.Agent.GBXS?

Trojan.Agent.GBXS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
