
Trojan.Win32.Agent.acjqc removal guide


Many security experts consider Trojan.Win32.Agent.acjqc dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Agent.acjqc virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Anomalous file deletion behavior detected (10+)
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Disables Windows firewall

How to identify Trojan.Win32.Agent.acjqc?


File Info:

name: ADA21C0A9809DE1DDEB7.mlw
path: /opt/CAPEv2/storage/binaries/378a6771a6df25186dc5a0e91437054a1b74770851fdfc9c2527b60ec983eb98
crc32: CF4B17F1
md5: ada21c0a9809de1ddeb7d1cbc0847510
sha1: c30f56bbef81429924e35cb107c5d699ddac9b54
sha256: 378a6771a6df25186dc5a0e91437054a1b74770851fdfc9c2527b60ec983eb98
sha512: 0e1528e0ad7f8e8fdf00f14281ce5df4774e01c1ccd4ddb2ab303729c76f24826b0744027a601b216c801b12ef3beb6adea320c811c3e6cebe7debcd9c8c8572
ssdeep: 1536:zPVDSmqXCI22ZqLYJCwjtJiWXm/FlZnijVar2Hl0sq:TVDSmqXCI2uqLYwg5W/FltS0aFbq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1969302C527A77115E08E4A36C86DFBE0599CBC31A2C44B7941D4BB3BAC3F1807A5F91A
sha3_384: 8c2379a0ee7875535083fc6cd2493a1daa44e7c76887f99b45c04404bd55181c32ffab7e8595e34c7c8cad7173fcbac9
ep_bytes: 60be006042008dbe00b0fdff5783cdff
timestamp: 2009-04-10 10:08:05

Version Info:

Translation: 0x0409 0x04b0
CompanyName: BKHN
ProductName: Server
FileVersion: 2.00
ProductVersion: 2.00
InternalName: 799.636.3369
OriginalFilename: 799.636.3369.exe

Trojan.Win32.Agent.acjqc also known as:

MicroWorld-eScan     Gen:Trojan.Heur2.GZ.fmKfbm8dP@ai
FireEye              Generic.mg.ada21c0a9809de1d
ALYac                Gen:Trojan.Heur2.GZ.fmKfbm8dP@ai
Cylance              Unsafe
Sangfor              Suspicious.Win32.Save.a
K7AntiVirus          Trojan ( 00063b5f1 )
Alibaba              Trojan:Win32/MoSucker.e252f4e2
K7GW                 Trojan ( 00063b5f1 )
Cybereason           malicious.a9809d
Symantec             ML.Attribute.HighConfidence
Elastic              malicious (moderate confidence)
ESET-NOD32           a variant of Win32/MoSucker.AA
APEX                 Malicious
Kaspersky            Trojan.Win32.Agent.acjqc
BitDefender          Gen:Trojan.Heur2.GZ.fmKfbm8dP@ai
NANO-Antivirus       Trojan.Win32.Shark.brdva
Avast                FileRepMetagen [Trj]
Ad-Aware             Gen:Trojan.Heur2.GZ.fmKfbm8dP@ai
Emsisoft             Gen:Trojan.Heur2.GZ.fmKfbm8dP@ai (B)
Comodo               Malware@#kk71jpplweir
DrWeb                Trojan.DownLoader7.4723
Zillya               Backdoor.Shark.Win32.2054
McAfee-GW-Edition    BehavesLike.Win32.Generic.nc
Sophos               Mal/Generic-D
SentinelOne          Static AI – Malicious PE
GData                Gen:Trojan.Heur2.GZ.fmKfbm8dP@ai
Jiangmin             Trojan.Agent.cuyw
Avira                TR/Crypt.CFI.Gen
Arcabit              Trojan.Heur2.GZ.E61D10
ViRobot              Backdoor.Win32.A.Shark.95232[UPX]
Microsoft            Trojan:Win32/Wacatac.B!ml
Cynet                Malicious (score: 100)
McAfee               Artemis!ADA21C0A9809
MAX                  malware (ai score=100)
VBA32                Backdoor.Shark
Malwarebytes         Malware.Heuristic.1003
Rising               Trojan.Agent!8.B1E (CLOUD)
Yandex               Trojan.CFI!T2uVotOHPLo
Ikarus               not-a-virus:AdTool.Win32.VB.a
MaxSecure            Trojan.Malware.300983.susgen
Fortinet             PossibleThreat
BitDefenderTheta     AI:Packer.7854F29120
AVG                  FileRepMetagen [Trj]
Panda                Trj/CI.A
CrowdStrike          win/malicious_confidence_90% (W)

How to remove Trojan.Win32.Agent.acjqc?

Trojan.Win32.Agent.acjqc removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
