Trojan.Agent.GKDO information

Trojan.Agent.GKDO is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Agent.GKDO virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary file triggered YARA rule
  • Binary compilation timestomping detected

How to identify Trojan.Agent.GKDO?

File Info:

name: C9740A8B7A794886636C.mlw
path: /opt/CAPEv2/storage/binaries/e73c5806a34a79c3cc11450cc560b40c75a7767c65745b68ba9160edd33396c2
crc32: 26CAF229
md5: c9740a8b7a794886636ca3759b3409cb
sha1: 8a905c89ef9409849f4fa1a834c1fb38ae2bb4bf
sha256: e73c5806a34a79c3cc11450cc560b40c75a7767c65745b68ba9160edd33396c2
sha512: 87626407da65215ce77eb9f7a3c151ad8ed5b191a2b807c80d5bd630868d63707699ad668dc619dc41d7de251262560c9b8cbd6d88e0f256efa181d35358317b
ssdeep: 49152:/PWAhBEBuL4Cpwp1xIIEOeq03xg/pOS5ai:/5hBEBuL4TLx9E
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T131D5060173F84A06E1BB0BBDA476191417B7FC1567B3E34E056D62AE2E737048E64BA3
sha3_384: c640541a768fc66f38fba70140aeca685dabb632bf1134781efc486a592fcd68570275e75c5a37add969d2781a88c46a
ep_bytes: ff2500200010b724d2c6297ef3513a00
timestamp: 2089-04-12 06:32:43

Version Info:

Translation: 0x0000 0x04b0
Comments: Microsoft Windows PowerShell Engine Core Assembly
CompanyName: Microsoft Corporation
FileDescription: System.Management.Automation
FileVersion: 6.1.7600.16385
InternalName: System.Management.Automation.dll
LegalCopyright: Copyright (c) Microsoft Corporation. All rights reserved.
OriginalFilename: System.Management.Automation.dll
ProductName: Microsoft (R) Windows (R) Operating System
ProductVersion: 6.1.7600.16385
Assembly Version: 1.0.0.0

Trojan.Agent.GKDO also known as:

Bkav: W32.Common.0A646B29
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.Agent.GKDO
FireEye: Trojan.Agent.GKDO
Skyhigh: Artemis
ALYac: Trojan.Agent.GKDO
Cylance: unsafe
Alibaba: Trojan:Win32/Generic.5dca8f6b
Symantec: Trojan.Gen.MBT
TrendMicro-HouseCall: TROJ_GEN.R002C0WCK24
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Agent.GKDO
Emsisoft: Trojan.Agent.GKDO (B)
TrendMicro: TROJ_GEN.R002C0WCK24
Sophos: Mal/Generic-S
GData: Trojan.Agent.GKDO
Jiangmin: Trojan.Generic.hscyi
Google: Detected
Varist: W32/MSIL_Troj.C.gen!Eldorado
Antiy-AVL: Trojan/Win32.Agent
Kingsoft: MSIL.Trojan-Downloader.Agent.gen
Arcabit: Trojan.Agent.GKDO
ZoneAlarm: HEUR:Trojan-Downloader.MSIL.Agent.gen
AhnLab-V3: Trojan/Win.Generic.C5603077
McAfee: Artemis!C9740A8B7A79
MAX: malware (ai score=86)
Panda: Trj/Chgt.AD
Rising: Trojan.Injector!1.F60F (CLASSIC)
Ikarus: Trojan.Agent
MaxSecure: Trojan.Malware.73433372.susgen
Fortinet: MSIL/Injector.UWS!tr
DeepInstinct: MALICIOUS
alibabacloud: Trojan:MSIL/Injector.J

How to remove Trojan.Agent.GKDO?

Trojan.Agent.GKDO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.