Trojan-Downloader.Win32.Agent.xxybnd malicious file

Trojan-Downloader.Win32.Agent.xxybnd is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.Win32.Agent.xxybnd virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Unconventional language used in binary resources: Chinese (Simplified)

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Trojan-Downloader.Win32.Agent.xxybnd?


File Info:

crc32: 754CC69D
md5: fb30c5b8dbfa937c04ed9ba0f9419a96
name: FB30C5B8DBFA937C04ED9BA0F9419A96.mlw
sha1: 4b79af7669d1b5fd82e0cfc148223ce385fa80ff
sha256: 6015e542a724ed7ce38d89c8acafc4312bb4a44e2699690a154497cdc9272883
sha512: c06dd62a8cbdcccbaac6c164553fb6018fa974a27c067abd25c65bcc74e299e741755f52756c2a1c5452dd1cf75a068cdf20be6206305e340ca32eb4e972d138
ssdeep: 6144:MrojxZuRlSjo6KCD4SLNdcrvUL11Nup7RGv7qwoSavQ9G/JRt7g0g:vjxZmlO5KC1Qcc7G2ZtiGxY
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright:
FileVersion:
CompanyName: EasyLook
Comments: This installation was built with Inno Setup.
ProductName: EasyLook
ProductVersion: 1.0.0.3
FileDescription: EasyLook Setup
Translation: 0x0000 0x04b0

Trojan-Downloader.Win32.Agent.xxybnd also known as:

K7AntiVirus: Trojan ( 00534de11 )
Lionic: Trojan.Win32.Agent.a!c
DrWeb: Trojan.DownLoader26.47965
ALYac: Gen:Variant.Cerbu.94450
Malwarebytes: Trojan.Downloader
Zillya: Downloader.Agent.Win32.352624
Sangfor: Trojan.Win32.Agent.8
K7GW: Trojan ( 00534de11 )
Cybereason: malicious.8dbfa9
Cyren: W32/Delf.IB.gen!Eldorado
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.DZZ
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 99)
Kaspersky: Trojan-Downloader.Win32.Agent.xxybnd
BitDefender: Gen:Variant.Cerbu.94450
NANO-Antivirus: Trojan.Win32.Dwn.fdsejo
MicroWorld-eScan: Gen:Variant.Cerbu.94450
Tencent: Win32.Trojan-downloader.Agent.Ednc
Ad-Aware: Gen:Variant.Cerbu.94450
Sophos: Mal/Generic-S
Comodo: Malware@#1t5vb0tv32d1p
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Downloader-FBSI!FB30C5B8DBFA
FireEye: Gen:Variant.Cerbu.94450
Emsisoft: Gen:Variant.Cerbu.94450 (B)
SentinelOne: Static AI – Suspicious PE
Avira: HEUR/AGEN.1124690
Microsoft: Trojan:Win32/Skeeyah.A!rfn
GData: Gen:Variant.Cerbu.94450
TACHYON: Trojan-Downloader/W32.Agent.311830
AhnLab-V3: Malware/Gen.Generic.C2544116
McAfee: Downloader-FBSI!FB30C5B8DBFA
MAX: malware (ai score=94)
Panda: Trj/CI.A
Yandex: Trojan.DL.Agent!gnwalr+Sndg
Ikarus: Trojan.Downloader.Inno.Agent
Fortinet: W32/Agent.EBX!tr.dldr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Trojan-Downloader.Win32.Agent.xxybnd?

Trojan-Downloader.Win32.Agent.xxybnd removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
