Trojan.VBS.Agent.bdu malicious file

The Trojan.VBS.Agent.bdu is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.VBS.Agent.bdu virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Trojan.VBS.Agent.bdu?


File Info:
name: ECA21E7638208534F567.mlw
path: /opt/CAPEv2/storage/binaries/aece5fa34ef2a75f82f720b1dfbedc968c308b20b58d7fdd13ed16784ec8327a
crc32: 95D47665
md5: eca21e7638208534f567da165050b76c
sha1: 672f799060c080baa2ccdc403bab56a632a66ac4
sha256: aece5fa34ef2a75f82f720b1dfbedc968c308b20b58d7fdd13ed16784ec8327a
sha512: f74a57e754ce9eeb0990d3ed0be94ddfe7c3d8befaeffca4dc91dba30a9df1a70bddc214fe1d9ae453aa9de3231f2e459f93d0ed266f75fec7d2afc0348643e4
ssdeep: 196608:SKqN16Li5Zew9oSVinMGyYUIje45279lgFAu8ekDkvdDbfQwzq5AqUzFThp:SX6KZ3mSuryJIjc9wAu8e6GdDMwztqGZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T172A633D95248DE9BCEA613F00A73DE3C4E6CFD61183611BC862BB1EEDE1325450B568B
sha3_384: c20afa8e88bf964aca6bfa3f3718d3188fe1c420f82aa2a63e5efd568610b8aaa176e15233ce2440089850291fa2d496
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-09-18 13:57:39

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 1.0.0.0
InternalName: RisenLauncher.exe.exe
LegalCopyright:  
OriginalFilename: RisenLauncher.exe.exe
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan.VBS.Agent.bdu also known as:

Lionic	Trojan.Win32.Agent.Y!c
MicroWorld-eScan	IL:Trojan.MSILZilla.19239
FireEye	Generic.mg.eca21e7638208534
CAT-QuickHeal	Trojan.GenericFC.S30155648
McAfee	Artemis!ECA21E763820
Malwarebytes	Spyware.PasswordStealer.MSIL.Generic
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 700000121 )
Alibaba	TrojanPSW:MSIL/XWormRAT.20ff2723
K7GW	Trojan ( 700000121 )
CrowdStrike	win/malicious_confidence_100% (W)
Arcabit	IL:Trojan.MSILZilla.D4B27
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.FOV
Cynet	Malicious (score: 99)
APEX	Malicious
ClamAV	Win.Packed.Msilzilla-10008147-0
Kaspersky	Trojan.VBS.Agent.bdu
BitDefender	IL:Trojan.MSILZilla.19239
Emsisoft	IL:Trojan.MSILZilla.19239 (B)
DrWeb	Trojan.MulDropNET.65
TrendMicro	TROJ_GEN.R002C0DII23
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Avira	TR/Drop.Agent.elvba
MAX	malware (ai score=85)
Microsoft	Trojan:MSIL/XWormRAT.A!MTB
ViRobot	Trojan.Win.Z.Agent.10142720
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Coins.gen
GData	IL:Trojan.MSILZilla.19239
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C5052738
BitDefenderTheta	Gen:NN.ZemsilF.36662.@p0@aaV6VK
ALYac	IL:Trojan.MSILZilla.19239
Cylance	unsafe
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002C0DII23
Rising	Stealer.Coins!8.133E9 (CLOUD)
Ikarus	Trojan-Dropper.MSIL.Agent
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.FOV!tr
Cybereason	malicious.060c08
DeepInstinct	MALICIOUS

How to remove Trojan.VBS.Agent.bdu?

Trojan.VBS.Agent.bdu removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X