Trojan-Dropper.Win32.Agent.bjxbot removal instructions

Many security experts consider Trojan-Dropper.Win32.Agent.bjxbot dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Dropper.Win32.Agent.bjxbot virus do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Hungarian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A scripting utility was executed
  • Enumerates physical drives
  • Attempted to write directly to a physical drive
  • Suspicious wmic.exe use was detected

How to identify Trojan-Dropper.Win32.Agent.bjxbot?


File Info:

name: A05ECB86D4CAB33F3025.mlw
path: /opt/CAPEv2/storage/binaries/572792fc71b6da396a0051984aeb456b53fc4733e821fe8f239fae6a79997281
crc32: B4270061
md5: a05ecb86d4cab33f3025a2f8e368d32c
sha1: 57ebe7ca8dfb6e5ea596db22048420ae47256834
sha256: 572792fc71b6da396a0051984aeb456b53fc4733e821fe8f239fae6a79997281
sha512: be7ca326dfc53c2e86bdc3f1b1fc66b3dfc150986d0e6703d6077d3d174b77b763b8a2fdbfd33994377463f8dceca9d5495d6f8f1fc44b657524797480440e28
ssdeep: 98304:jdNe2QQdUCINLQGjfNmE6HhvJrSllFmFVRGC5sunZQNYag:G2QQriQGjlmEr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15F066C25F201D83BC5732678DC2BE2D92865BF243D2469573AA83F4C7F767813929287
sha3_384: 854ab6c36b78ab14594c29448b1e26f4f6835633cf30a527548fb6018d6dcd2884f5103f79c494458daa1f3c9cccfc6f
ep_bytes: 558becb9260000006a006a004975f953
timestamp: 1992-06-19 22:22:17

Version Info:

CompanyName: H.D.S. Hungary
FileDescription: Hard Disk Sentinel Engine
FileVersion: 3.2.0.0
InternalName: HDSentinel
LegalCopyright: Copyright © 2005-2010 H.D.S. Hungary
LegalTrademarks: Copyright © 2005-2010 H.D.S. Hungary
OriginalFilename: HDSentinel.exe
ProductName: Hard Disk Sentinel
ProductVersion: 3
Translation: 0x0409 0x04e4

Trojan-Dropper.Win32.Agent.bjxbot also known as:

Bkav: W32.Common.4B69F99D
Lionic: Trojan.Win32.Agent.Y!c
DrWeb: Trojan.MulDrop19.57865
McAfee: Artemis!A05ECB86D4CA
Zillya: Dropper.Agent.Win32.535536
Cybereason: malicious.a8dfb6
APEX: Malicious
Kaspersky: Trojan-Dropper.Win32.Agent.bjxbot
NANO-Antivirus: Trojan.Win32.Drop.jqcvvv
Tencent: Win32.Trojan-Dropper.Agent.Xwhl
McAfee-GW-Edition: Artemis!Trojan
SentinelOne: Static AI – Suspicious PE
Antiy-AVL: Trojan[Dropper]/Win32.Agent
ZoneAlarm: Trojan-Dropper.Win32.Agent.bjxbot
VBA32: TScope.Trojan.Delf
Cylance: unsafe
Rising: Dropper.Agent!8.2F (CLOUD)
MaxSecure: Trojan.Malware.8054.susgen
Fortinet: W32/PossibleThreat
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Trojan-Dropper.Win32.Agent.bjxbot?

Trojan-Dropper.Win32.Agent.bjxbot removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
