Trojan.Win32.Agent.xamygb removal guide

Trojan.Win32.Agent.xamygb is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Agent.xamygb virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Trojan.Win32.Agent.xamygb?


File Info:

name: DCCEF6B16EC16A1D03AB.mlw
path: /opt/CAPEv2/storage/binaries/6c50dde1929df75d79bfb408a02fb950a9fc3f42b34b69fb4b6ca9a54c55e8af
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: ff250020400000000000000000000000
timestamp: 2091-01-15 08:07:38

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: WindowsDefence(x64)
FileVersion: 1.0.0.0
InternalName: WindowsDefence(x64).exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: WindowsDefence(x64).exe
ProductName: WindowsDefence(x64)
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan.Win32.Agent.xamygb is also known as:

MicroWorld-eScan: Trojan.GenericKD.38818144
FireEye: Trojan.GenericKD.38818144
ALYac: Trojan.GenericKD.38818144
Sangfor: Trojan.MSIL.Agent.gen
K7AntiVirus: Riskware ( 00584baa1 )
K7GW: Riskware ( 00584baa1 )
Arcabit: Trojan.Generic.D2505160
BitDefenderTheta: Gen:NN.ZemsilCO.34212.am0@aS6ivTb
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/CoinMiner.BPX
TrendMicro-HouseCall: TROJ_GEN.R049C0PB622
Kaspersky: Trojan.Win32.Agent.xamygb
BitDefender: Trojan.GenericKD.38818144
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Trojan.GenericKD.38818144
Sophos: Mal/Generic-S
TrendMicro: TROJ_GEN.R049C0PB622
McAfee-GW-Edition: RDN/Generic.dx
Emsisoft: Trojan.GenericKD.38818144 (B)
Ikarus: Trojan.MSIL.CoinMiner
Avira: HEUR/AGEN.1236212
Microsoft: Trojan:Win32/Sabsik.TE.B!ml
ZoneAlarm: Trojan.Win32.Agent.xamygb
GData: Trojan.GenericKD.38818144
Cynet: Malicious (score: 100)
McAfee: RDN/Generic.dx
MAX: malware (ai score=85)
VBA32: TScope.Trojan.MSIL
Cylance: Unsafe
APEX: Malicious
Rising: Trojan.Generic/MSIL@AI.90 (RDM.MSIL:u01caS1U5+Zi8xephumk7Q)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Adware/Miner
AVG: Win32:TrojanX-gen [Trj]
Panda: Trj/CI.A

How to remove Trojan.Win32.Agent.xamygb?

Trojan.Win32.Agent.xamygb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
