What is “Trojan.GenericFCA.Agent.55612”?

Malware Removal

Trojan.GenericFCA.Agent.55612 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.GenericFCA.Agent.55612 virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Trojan.GenericFCA.Agent.55612?


File Info:

name: A0A3F4531EC85C0979C2.mlw
path: /opt/CAPEv2/storage/binaries/f8c2a78a1f4587bd1eb0081c285fa9110b6b56cbcedcc51642212f2eeb936cee
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2012-01-21 08:40:15

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Windows® installer
FileVersion: 5.0.17134.228 (WinBuild.160101.0800)
InternalName: msiexec
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: msiexec.exe
ProductName: Windows Installer - Unicode
ProductVersion: 5.0.17134.228
Translation: 0x0409 0x04b0

Trojan.GenericFCA.Agent.55612 also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericFCA.Agent.55612
FireEye: Trojan.GenericFCA.Agent.55612
ALYac: Trojan.GenericFCA.Agent.55612
Cylance: Unsafe
VIPRE: Trojan.GenericFCA.Agent.55612
Sangfor: Trojan.Win64.Filecoder.V2vs
CrowdStrike: win/malicious_confidence_70% (W)
Cyren: W64/Ipamor.A
Symantec: W32.Qakbot!gm
ESET-NOD32: Win64/Filecoder.GG
BitDefender: Trojan.GenericFCA.Agent.55612
Avast: Win64:Trojan-gen
Ad-Aware: Trojan.GenericFCA.Agent.55612
Emsisoft: Trojan.GenericFCA.Agent.55612 (B)
McAfee-GW-Edition: BehavesLike.Win64.Rootkit.cc
Sophos: Mal/Generic-S
GData: Trojan.GenericFCA.Agent.55612
Jiangmin: Trojan.Blocker.urx
Google: Detected
MAX: malware (ai score=84)
Arcabit: Trojan.GenericFCA.Agent.DD93C
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R532681
McAfee: Artemis!A0A3F4531EC8
Rising: Ransom.Agent!8.6B7 (CLOUD)
Fortinet: W64/Filecoder.GG!tr
AVG: Win64:Trojan-gen

How to remove Trojan.GenericFCA.Agent.55612?

Trojan.GenericFCA.Agent.55612 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
