Categories: Trojan

Trojan.AgentWDCR.ADAS information

The Trojan.AgentWDCR.ADAS is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.AgentWDCR.ADAS virus can do?

Behavioural detection: Executable code extraction – unpacking
A file was accessed within the Public folder.
Sample contains Overlay data
Uses Windows utilities for basic functionality
HTTPS urls from behavior.
Reads data out of its own binary image
CAPE extracted potentially suspicious content
Drops a binary and executes it
Authenticode signature is invalid
A scripting utility was executed
Uses Windows utilities to create a scheduled task
Checks for the presence of known windows from debuggers and forensic tools
Checks the presence of disk drives in the registry, possibly for anti-virtualization
Attempts to modify proxy settings
Deletes executed files from disk
Attempts to disable Windows Defender
Attempts to modify Windows Defender using PowerShell
Touches a file containing cookies, possibly for information gathering
Attempts to execute suspicious powershell command arguments
Uses suspicious command line tools or Windows utilities
Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Trojan.AgentWDCR.ADAS?


File Info:
name: F3DB0937AF7F5B352095.mlwpath: /opt/CAPEv2/storage/binaries/426bd41d5014a9ff16c84dc3ce3b220c6f05162487eaaef859c2f5ad29f4bd7fcrc32: 668145C0md5: f3db0937af7f5b352095f4db1f38a839sha1: eef4a812d250276cc3939db96ebecdcda8f2a862sha256: 426bd41d5014a9ff16c84dc3ce3b220c6f05162487eaaef859c2f5ad29f4bd7fsha512: 697a56267b95b60e6b19427d0739bc69e5d5951c798976aa4dc99c0f0f70e7f7332cf3a440809ab4f5a8d55e38caf2ff75f45ee0a74a5882589ed8d1eba9e575ssdeep: 393216:JkvM/y+CFPqIMUsfx+tZNcCOPoQkFV6n2AtJNdFk6VIxTO0r:JBCFyIHoTCG1kFgnXNW/rtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T146E6332CD6A2E9EFC5E631F07D8839E759C083491A25E3D73A245912B231A0D9F4C79Fsha3_384: fc03f0819261091e116dccdb256b522d0cde30542268f6af680e5ed5830217a7e446eadc5daa6ab4053833cbda84f565ep_bytes: 81ecd40200005356576a205f33db6801timestamp: 2020-08-01 02:44:18
Version Info:
0: [No Data]

Trojan.AgentWDCR.ADAS also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Agent.Y!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.Uztuby.4
FireEye	Generic.mg.f3db0937af7f5b35
ALYac	Trojan.AgentWDCR.ADAS
Malwarebytes	Generic.Malware/Suspicious
VIPRE	Trojan.Uztuby.4
Sangfor	Trojan.Win32.Agent.V51w
Alibaba	TrojanPSW:Win32/Qshell.c0189326
Cybereason	malicious.2d2502
Cyren	W32/Kryptik.FSC.gen!Eldorado
Symantec	Trojan Horse
ESET-NOD32	multiple detections
APEX	Malicious
ClamAV	Win.Packed.Barys-9859531-0
Kaspersky	Trojan-Dropper.Win32.Agent.gen
BitDefender	Trojan.Uztuby.4
NANO-Antivirus	Trojan.Win32.TrjGen.jzzrrk
Avast	Win32:Malware-gen
Rising	Dropper.Agent/NSIS!1.D805 (CLASSIC)
Emsisoft	Trojan.Uztuby.4 (B)
F-Secure	Heuristic.HEUR/AGEN.1316581
DrWeb	Trojan.Siggen19.61510
TrendMicro	Trojan.Win32.REDLINESTEALER.U
McAfee-GW-Edition	BehavesLike.Win32.Generic.tc
Sophos	Mal/Generic-S
Ikarus	Trojan.Win32.Raccrypt
GData	Trojan.Uztuby.4
Webroot	W32.Trojan.Uztuby
Google	Detected
Avira	HEUR/AGEN.1338885
MAX	malware (ai score=89)
Antiy-AVL	Trojan/Win32.Zapchast
Xcitium	Malware@#32qru6ebomzs0
Arcabit	Trojan.Uztuby.4 [many]
ZoneAlarm	Trojan-Dropper.Win32.Agent.gen
Microsoft	Trojan:Win32/Vindor!pz
Cynet	Malicious (score: 100)
McAfee	Artemis!F3DB0937AF7F
VBA32	Trojan.Qshell
Cylance	unsafe
Panda	Trj/CI.A
Tencent	Win32.Trojan-Dropper.Agent.Wmhl
SentinelOne	Static AI – Suspicious PE
Fortinet	W32/PossibleThreat
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)