
Trojan.BAT.Agent.gfs malicious file


Trojan.BAT.Agent.gfs is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.BAT.Agent.gfs virus do?

  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Modifies Terminal Server registry keys for persistence
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan.BAT.Agent.gfs?


File Info:

name: 0193D0E78233F6CE0B7B.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-03-15 06:27:50

Version Info:

0: [No Data]

Trojan.BAT.Agent.gfs also known as:

Vendor: Detection name

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Agent.Y!c
Cynet: Malicious (score: 99)
McAfee: Artemis!0193D0E78233
Sangfor: Trojan.Bat.Agent.Vr9c
Alibaba: Trojan:BAT/Generic.986e2297
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan.BAT.Agent.gfs
ViRobot: Trojan.Win32.Z.Win.94208.A
Tencent: Bat.Trojan.Agent.Edhl
F-Secure: Trojan.TR/BAT.Agent.dwlix
DrWeb: Trojan.MulDrop7.62118
McAfee-GW-Edition: BehavesLike.Win32.BadFile.nh
Trapmine: malicious.high.ml.score
Avira: TR/BAT.Agent.dwlix
ZoneAlarm: UDS:Trojan.BAT.Agent.gfs
AhnLab-V3: Trojan/Win.Agent.C4777599
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0CGK23
MaxSecure: Trojan.Malware.11401715.susgen
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Trojan.BAT.Agent.gfs?

Trojan.BAT.Agent.gfs removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
