Should I remove “Trojan-Spy.Win32.Stealer.agzt”?

The Trojan-Spy.Win32.Stealer.agzt is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Spy.Win32.Stealer.agzt virus can do?

Dynamic (imported) function loading detected
Reads data out of its own binary image
Authenticode signature is invalid

How to determine Trojan-Spy.Win32.Stealer.agzt?


File Info:
name: 58F6C7E3F5A5A5C64D69.mlw
path: /opt/CAPEv2/storage/binaries/c700c7f7f02870234fc926b97fd5f5dda0880eff8463699a1d76848cd89b1f30
crc32: 99A2A5E4
md5: 58f6c7e3f5a5a5c64d698a6dad943e1b
sha1: c9bd4094aa2e1222426bea6f289b28747b78c97d
sha256: c700c7f7f02870234fc926b97fd5f5dda0880eff8463699a1d76848cd89b1f30
sha512: 6116ebc73fc2f3631da86cfb177614e900d209a118384b974298d3cba288010b4f1550f6e505425d40dcbf820baa39c2b1a28ce7c76f117818decb73d20f0b3b
ssdeep: 98304:mGEIvAnwYddT3vfDba20kaJnsngI62dbPr2feBg/QYgyDECv4dFasrlD:+nwIN3itJnU6QLr2GBmQgECwD/xD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14936224C2153B3ADDC64373B9A7ADF05DAF12C55952681AC39C0FA73E6B2E8149BC342
sha3_384: 3c38c7d3a40326ba97fc7aadff23d55e50ab09d63c19e73bf3d7e55151c57f4ed9cabfb1e1c9a7c4a49cc0aa98f52fbe
ep_bytes: 81ec8401000053565733db6801800000
timestamp: 2019-12-16 00:50:56

Version Info:
Comments: Left Hook Deliv
FileDescription: Make Descision Soft
FileVersion: 4.5.23.2
InternalName: Incirim Nolweas
LegalCopyright: (C) Software Inc.
LegalTrademarks: Software
Translation: 0x0409 0x04e4

Trojan-Spy.Win32.Stealer.agzt also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Stealer.l!c
MicroWorld-eScan	Gen:Variant.Zusy.406127
FireEye	Generic.mg.58f6c7e3f5a5a5c6
McAfee	Artemis!58F6C7E3F5A5
CrowdStrike	win/malicious_confidence_70% (D)
BitDefender	Gen:Variant.Zusy.406127
K7GW	Trojan ( 005826bf1 )
K7AntiVirus	Trojan ( 005826bf1 )
Cyren	W32/Trojan.GVU.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Packed.Themida.IAL
ClamAV	Win.Packed.Razy-9894224-0
Kaspersky	Trojan-Spy.Win32.Stealer.agzt
Alibaba	TrojanSpy:Win32/Stealer.ed29d724
ViRobot	Trojan.Win32.Z.Zusy.5003816
Rising	Trojan.IPLogger/NSIS!1.C696 (CLASSIC)
Emsisoft	Gen:Variant.Zusy.406127 (B)
DrWeb	Trojan.PWS.Siggen3.5170
Zillya	Trojan.Stealer.Win32.18963
McAfee-GW-Edition	BehavesLike.Win32.Dropper.rc
Gridinsoft	Ransom.Win32.Wacatac.sa
Microsoft	Trojan:Win32/Tiggre!rfn
APEX	Malicious
GData	Gen:Variant.Zusy.406127
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.R441806
VBA32	TrojanSpy.Stealer
ALYac	Gen:Variant.Zusy.406127
MAX	malware (ai score=82)
Malwarebytes	Trojan.Downloader
Panda	Trj/CI.A
Tencent	Win32.Packed.Themida.Szlu
AVG	Win32:Trojan-gen
Cybereason	malicious.4aa2e1
Avast	Win32:Trojan-gen

How to remove Trojan-Spy.Win32.Stealer.agzt?

Trojan-Spy.Win32.Stealer.agzt removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X