Trojan-Dropper.Win32.Agent.osrd (file analysis)

Trojan-Dropper.Win32.Agent.osrd is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan-Dropper.Win32.Agent.osrd virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Deletes executed files from disk
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Trojan-Dropper.Win32.Agent.osrd?


File Info:

name: 3F7E565BC259EB8256BE.mlw
path: /opt/CAPEv2/storage/binaries/41d95161504873b449eb68fcdcfe1db244d634ce4b7d2a6c3331446eebad5e4b
crc32: E814E8F4
md5: 3f7e565bc259eb8256bee6bdc988c3f4
sha1: a89e989fdfa395d776b870edeed25314ed45aad6
sha256: 41d95161504873b449eb68fcdcfe1db244d634ce4b7d2a6c3331446eebad5e4b
sha512: 7e5be3733bdafdffc55193a131c2f38937cc706b06b9852b35d729819bedf09263ea049de80e4611a54469bf3468e7d759a7d75d43adf5468282e3bdfeccd1b3
ssdeep: 24576:OwWwH6N+9IYkvdStJZupoZ2X1F6kTigVoATQckoxxTJNURRRuvCMtVdUhZuIBWcW:pd6NCI/cSl76k2kwRrMjd6uIccW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C9851202F293D071D46600B9056A9BB64F797D3187B5C4E7AFE13E6E9E302D09A3734A
sha3_384: 7dde6f3fb39f17f541eae2f413543f106921f4b9ca6785445628b368377a891cc7210d472b6f517bda815044d4227cd7
ep_bytes: e8a61d0000e989feffff8bff565733f6
timestamp: 2014-09-03 15:08:50

Version Info:

Comments: Created with Setup Factory
FileDescription: Setup Application
FileVersion: 9.3.2.0
InternalName: suf_launch
LegalCopyright: Setup Engine Copyright © 2004-2014 Indigo Rose Corporation
LegalTrademarks: Setup Factory is a trademark of Indigo Rose Corporation.
OriginalFilename: suf_launch.exe
ProductName: Setup Factory Runtime
ProductVersion: 9.3.2.0
Translation: 0x0409 0x04e4

Trojan-Dropper.Win32.Agent.osrd also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Agent.b!c
AVG: Win32:Malware-gen
Elastic: malicious (moderate confidence)
Sangfor: Dropper.Win32.Agent.Vbzu
CrowdStrike: win/malicious_confidence_60% (D)
Alibaba: TrojanDropper:Win32/Generic.43c12459
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
APEX: Malicious
Kaspersky: Trojan-Dropper.Win32.Agent.osrd
NANO-Antivirus: Trojan.Win32.Agent.dtmart
Avast: Win32:Malware-gen
Tencent: Win32.Trojan-Dropper.Agent.Vmhl
DrWeb: Trojan.KillFiles.23495
McAfee-GW-Edition: Artemis!Trojan
Trapmine: suspicious.low.ml.score
Webroot: W32.Agent.Ovxn
ZoneAlarm: Trojan-Dropper.Win32.Agent.osrd
McAfee: Artemis!3F7E565BC259
VBA32: BScope.Trojan.FakeAV
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H07EE23
MaxSecure: Trojan.Malware.121218.susgen
Cybereason: malicious.bc259e
DeepInstinct: MALICIOUS

How to remove Trojan-Dropper.Win32.Agent.osrd?

Trojan-Dropper.Win32.Agent.osrd removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
