Trojan.Agent.GJGG information

Trojan.Agent.GJGG is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.GJGG virus do?

  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the embedded pe malware family
  • Deletes executed files from disk
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Agent.GJGG?


File Info:

name: A55598B9B2EC80680EB9.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-02-19 18:32:36

Version Info:

CompanyName: eAcceleration Corp
FileDescription: StopSign Installer
FileVersion: 1, 0, 0, 50
InternalName: eAc Installer
LegalCopyright: Copyright© 2000-2010 eAcceleration Corp. All Rights Reserved.
LegalTrademarks: ...
OriginalFilename: sfx.exe
PrivateBuild: ...
ProductName: StopSign Installer
ProductVersion: 1, 0, 0, 50
SpecialBuild: ...
Translation: 0x0409 0x04b0

Trojan.Agent.GJGG also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Stealer.i!c
MicroWorld-eScan: Trojan.Agent.GJGG
FireEye: Trojan.Agent.GJGG
Skyhigh: BehavesLike.Win32.Dropper.dc
ALYac: Trojan.Agent.GJGG
Cylance: unsafe
Zillya: Trojan.Banbra.Win32.31231
Sangfor: Trojan.Win32.Sabsik.FL
K7AntiVirus: Trojan ( 005380f71 )
Alibaba: TrojanPSW:Win32/Stealer.faa74327
K7GW: Trojan ( 005380f71 )
CrowdStrike: win/malicious_confidence_70% (D)
VirIT: Trojan.Win32.Genus.VKE
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
Kaspersky: HEUR:Trojan-PSW.Win32.Stealer.gen
BitDefender: Trojan.Agent.GJGG
NANO-Antivirus: Trojan.Win32.Snojan.epoyxc
SUPERAntiSpyware: Trojan.Agent/Gen-Crypt
Avast: FileRepMalware [Trj]
Emsisoft: Trojan.Agent.GJGG (B)
F-Secure: Heuristic.HEUR/AGEN.1307634
DrWeb: Trojan.MulDrop6.20495
VIPRE: Trojan.Agent.GJGG
Sophos: Mal/Generic-S
GData: Trojan.Agent.GJGG
Jiangmin: TrojanDropper.Agent.cigy
Avira: HEUR/AGEN.1307634
Antiy-AVL: Trojan/Win32.Generic
Arcabit: Trojan.Agent.GJGG
ZoneAlarm: HEUR:Trojan-PSW.Win32.Stealer.gen
Cynet: Malicious (score: 99)
AhnLab-V3: Malware/Win.Generic.C4922228
McAfee: Artemis!A55598B9B2EC
Google: Detected
MAX: malware (ai score=83)
VBA32: Trojan.MulDrop
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/CI.A
Rising: Stealer.Agent!8.C2 (RDMK:cmRtazpPUYSzeH3vNP19sY3d9CJp)
Yandex: Trojan.PWS.Banbra!5R2MWNiej54
Ikarus: Trojan.Agent
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Redcap.ILEM!tr
AVG: FileRepMalware [Trj]
Cybereason: malicious.9b2ec8
DeepInstinct: MALICIOUS

How to remove Trojan.Agent.GJGG?

Trojan.Agent.GJGG removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
How to identify Trojan.Agent.GJGG?


File Info:

name: B9EDBB82D44F1B6816B2.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-02-19 18:32:36

Version Info:

CompanyName: eAcceleration Corp
FileDescription: StopSign Installer
FileVersion: 1, 0, 0, 50
InternalName: eAc Installer
LegalCopyright: Copyright© 2000-2010 eAcceleration Corp. All Rights Reserved.
LegalTrademarks: ...
OriginalFilename: sfx.exe
PrivateBuild: ...
ProductName: StopSign Installer
ProductVersion: 1, 0, 0, 50
SpecialBuild: ...
Translation: 0x0409 0x04b0

Trojan.Agent.GJGG also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Stealer.i!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Agent.GJGG
FireEye: Trojan.Agent.GJGG
Skyhigh: BehavesLike.Win32.Dropper.dc
ALYac: Trojan.Agent.GJGG
Cylance: unsafe
Zillya: Trojan.Banbra.Win32.31231
K7AntiVirus: Trojan ( 005380f71 )
Alibaba: TrojanPSW:Win32/Stealer.5af5191f
K7GW: Trojan ( 005380f71 )
Cybereason: malicious.2d44f1
VirIT: Trojan.Win32.Genus.VKE
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Kaspersky: HEUR:Trojan-PSW.Win32.Stealer.gen
BitDefender: Trojan.Agent.GJGG
NANO-Antivirus: Trojan.Win32.Snojan.epoyxc
SUPERAntiSpyware: Trojan.Agent/Gen-Crypt
Avast: FileRepMalware [Trj]
Tencent: Malware.Win32.Gencirc.10bbf636
Emsisoft: Trojan.Agent.GJGG (B)
Google: Detected
F-Secure: Heuristic.HEUR/AGEN.1307634
DrWeb: Trojan.MulDrop6.20495
VIPRE: Trojan.Agent.GJGG
Sophos: Mal/Generic-S
Jiangmin: TrojanDropper.Agent.cigy
Avira: HEUR/AGEN.1307634
Antiy-AVL: Trojan/Win32.Generic
Xcitium: Malware@#iihtksj8cnyo
Arcabit: Trojan.Agent.GJGG
ZoneAlarm: HEUR:Trojan-PSW.Win32.Stealer.gen
GData: Trojan.Agent.GJGG
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.PWS.C4919589
McAfee: Artemis!B9EDBB82D44F
MAX: malware (ai score=84)
VBA32: Trojan.MulDrop
Malwarebytes: Generic.Malware.AI.DDS
Rising: Stealer.Agent!8.C2 (RDMK:cmRtazpPUYSzeH3vNP19sY3d9CJp)
Yandex: Trojan.PWS.Banbra!5R2MWNiej54
Ikarus: Trojan.Agent
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Redcap.ILEM!tr
AVG: FileRepMalware [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (D)

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.