Categories: Trojan

Trojan.Downloader.Agent.APD removal guide

The Trojan.Downloader.Agent.APD is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Downloader.Agent.APD virus can do?

Sample contains Overlay data
HTTPS urls from behavior.
Reads data out of its own binary image
CAPE extracted potentially suspicious content
Drops a binary and executes it
Authenticode signature is invalid
Behavioural detection: Injection (inter-process)
Behavioural detection: Injection with CreateRemoteThread in a remote process
Operates on local firewall’s policies and settings
Deletes executed files from disk
Attempts to disable Windows Auto Updates
Attempts to modify or disable Security Center warnings
Modifies Image File Execution Options, indicative of process injection or persistence
Anomalous binary characteristics

How to determine Trojan.Downloader.Agent.APD?


File Info:
name: AC64A71082EFB00BFC1C.mlwpath: /opt/CAPEv2/storage/binaries/c8b37c22343f3d6493bfc42390370c34582e5692e44445150e58353b5efc75f0crc32: AB7A857Dmd5: ac64a71082efb00bfc1c876846acf4dfsha1: 9220d74c584063a5e16418f60e7d3fa516212592sha256: c8b37c22343f3d6493bfc42390370c34582e5692e44445150e58353b5efc75f0sha512: 2ecb4e06dc4d9ed3c5161333f3bec013dcf878d3c2ac36055f92f1523a28d448981e1cb7d57d177cedada594c19fcd872a4e98acb37fd8983cd17deaabeaaa66ssdeep: 1536:hRbZoRuUrdfsRwg2DyGG/MtbUX13sPRi+sF4G7y0cKztqu:if/DRi344y0xXtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T10B935C7532E7A19CE829D27B703095FA9398DA42A324D2CBB70C5FE797DA0074D2A714sha3_384: a46ddd244a3557d2a18a0f2864f7f87bfb0ab9438ce6afecd94f5e8d8ebf67e6d6a713122f0925c00c1fb7d152c26e6fep_bytes: 5557565381eccc050000a1f2134000c7timestamp: 2006-12-14 12:10:05
Version Info:
0: [No Data]

Trojan.Downloader.Agent.APD also known as:

Bkav	W32.AIDetect.malware2
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.Downloader.Agent.APD
FireEye	Generic.mg.ac64a71082efb00b
McAfee	Downloader-AYV
Cylance	Unsafe
VIPRE	Trojan.Downloader.Agent.APD
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan-Downloader ( 0055e3da1 )
K7GW	Trojan-Downloader ( 0055e3da1 )
CrowdStrike	win/malicious_confidence_100% (D)
BitDefenderTheta	AI:Packer.C9B2DAB61B
Cyren	W32/Downloader.ZVPK-6822
Symantec	Trojan Horse
ESET-NOD32	Win32/TrojanDownloader.Agent.NIV
Baidu	Win32.Trojan-Downloader.Agent.gr
ClamAV	Win.Downloader.2667-1
Kaspersky	Trojan-Downloader.Win32.Agent.apd
BitDefender	Trojan.Downloader.Agent.APD
NANO-Antivirus	Trojan.Win32.Agent.ddbwox
Cynet	Malicious (score: 100)
Avast	Win32:Agent-JML [Trj]
Tencent	Trojan.Win32.Agent.xo
Ad-Aware	Trojan.Downloader.Agent.APD
TACHYON	Trojan-Downloader/W32.Agent.93984
Emsisoft	Trojan.Downloader.Agent.APD (B)
Comodo	TrojWare.Win32.TrojanDownloader.Agent.NIV@4em9
DrWeb	Trojan.MulDrop.8475
Zillya	Downloader.Agent.Win32.457939
McAfee-GW-Edition	BehavesLike.Win32.PWSZbot.nm
SentinelOne	Static AI – Suspicious PE
Trapmine	malicious.moderate.ml.score
Sophos	ML/PE-A
APEX	Malicious
Jiangmin	TrojanDownloader.Agent.hfy
Webroot	W32.Trojan.Trojan-Downloader.Ge
Avira	TR/Drop.Age.apd.1.E
Antiy-AVL	Trojan/Generic.ASMalwS.13
Microsoft	Trojan:Win32/Agent.OD
ViRobot	Trojan.Win32.Agent.33661
ZoneAlarm	Trojan.Win32.Vilsel.csjl
GData	Trojan.Downloader.Agent.APD
Google	Detected
AhnLab-V3	Trojan/Win32.Agent.R5376
Acronis	suspicious
VBA32	TrojanDownloader.Agent
MAX	malware (ai score=80)
Malwarebytes	Malware.AI.4000494036
Rising	Trojan.DL.Adload.acx (CLASSIC)
Yandex	Trojan.GenAsa!qABkOaw0YR8
Ikarus	Trojan-Downloader.Win32.Agent
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W32/Agent.APD!tr.dldr
AVG	Win32:Agent-JML [Trj]
Cybereason	malicious.082efb
Panda	Generic Suspicious