Trojan.Agent.GEWD (B) information

Many security experts consider Trojan.Agent.GEWD (B) dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.GEWD (B) virus do?

  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Trojan.Agent.GEWD (B)?


File Info:

name: 53F09BE47202FB5C4F0C.mlw
path: /opt/CAPEv2/storage/binaries/8287eff057d260656ca18df28b3fe518313eeae1356be2bd4a76bb90720a2e1a
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2055-05-25 18:10:40

Version Info:

CompanyName:
FileDescription: Normal Directory MFC Application
FileVersion: 1, 0, 0, 1
InternalName: Normal Directory
LegalCopyright: Copyright (C) 2009
LegalTrademarks:
OriginalFilename: Normal Directory.EXE
ProductName: Normal Directory Application
ProductVersion: 1, 0, 0, 1
Translation: 0x0409 0x04b0

Trojan.Agent.GEWD (B) also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Agent.GEWD
CAT-QuickHeal: W32.Virut.D
ALYac: Trojan.Agent.GEWD
Malwarebytes: Malware.AI.3578973977
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 00345a5b1 )
K7GW: Trojan ( 00345a5b1 )
CrowdStrike: win/malicious_confidence_90% (D)
Baidu: Win32.Worm.Agent.fc
VirIT: Win32.Cheburgen.A
Cyren: W32/Agent.CAA.gen!Eldorado
Symantec: W32.Rotinom
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Agent.NOM
APEX: Malicious
ClamAV: Win.Trojan.Virut-30
Kaspersky: HEUR:Worm.Win32.FolStart.pef
BitDefender: Trojan.Agent.GEWD
SUPERAntiSpyware: Trojan.Agent/Gen-Autorun
Avast: Win32:Agent-ANIM [Trj]
Tencent: Worm.Win32.AutoRun.h
Emsisoft: Trojan.Agent.GEWD (B)
DrWeb: Win32.HLLW.Autoruner.18119
VIPRE: Trojan.Agent.GEWD
TrendMicro: Worm.Win32.FOLDRUN.SMA
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.53f09be47202fb5c
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan.Win32.Agent
GData: Win32.Trojan.PSE.14319PQ
Jiangmin: Worm.FolStart.j
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Win32.Agent
Xcitium: Worm.Win32.Agent.NEC0@1lq821
Arcabit: Trojan.Agent.GEWD
ZoneAlarm: HEUR:Worm.Win32.FolStart.pef
Microsoft: Trojan:Win32/Vindor!pz
Acronis: suspicious
TACHYON: Trojan/W32.Agent.249856.AQL
Cylance: unsafe
Panda: Trj/Genetic.gen
Zoner: Trojan.Win32.36734
TrendMicro-HouseCall: Worm.Win32.FOLDRUN.SMA
Rising: Worm.Autorun!1.DD90 (CLASSIC)
Yandex: Trojan.GenAsa!yCCNvkncd1Y
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Wacatac.B!tr
BitDefenderTheta: Gen:NN.ZexaF.36250.py0@ayOQMKpj
AVG: Win32:Agent-ANIM [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan.Agent.GEWD (B)?

Trojan.Agent.GEWD (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
