
Trojan.Win32.Agent.xbnivq malicious file


Trojan.Win32.Agent.xbnivq is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Agent.xbnivq virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan.Win32.Agent.xbnivq?


File Info:

name: B7B326E855911D929A56.mlw
path: /opt/CAPEv2/storage/binaries/1b71994faf01fa7b265feed2a434a9dd06e5c3eb4a10e3743ab83da84f60b7fa
crc32: 74F29EF5
md5: b7b326e855911d929a56221d7420438d
sha1: 004eb86b2f69a44eb4dff49fc0bce636316e0fd3
sha256: 1b71994faf01fa7b265feed2a434a9dd06e5c3eb4a10e3743ab83da84f60b7fa
sha512: 94a1e171d3c85406e9209f3b3d5a8a642a49d72b18d4ecb1b015137fccce3d1e8bbd6ce0efe5da9bb77c928e3b8cbf852afa27cdd46153dcab14f6f75983f2d4
ssdeep: 3072:1bACog2dI05YtbY2PzcjffT/EChCPIppnmHCxVhH0DhL1SSu35lV:1b1oG8YtBP4jffC0zF0D9wSu3
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C9A494929C64AF45FE16453427956EBA004E7D2F66E4422C785CFA0B337399B30AFD0B
sha3_384: 0b485acb13d58f210f36cb39f6158495faa1539dd19606177db7093d5e55772804eaca42d3bd6eb01001b895b559e5e2
ep_bytes: 68e4914200e8eeffffff000000000000
timestamp: 2019-01-19 13:34:56

Version Info:

CompanyName: UEFI
ProductName: Kawaii-Unicorn
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Kawaii-Unicorn
OriginalFilename: Kawaii-Unicorn.exe
Translation: 0x0804 0x04b0

Trojan.Win32.Agent.xbnivq also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Skyhigh: BehavesLike.Win32.Generic.gt
ALYac: Generic.Dacic.94CCEEA9.A.83D522C5
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Trojan.VBGen.Win32.1
Sangfor: Suspicious.Win32.Save.vb
K7GW: P2PWorm ( 0054717e1 )
K7AntiVirus: P2PWorm ( 0054717e1 )
Arcabit: Generic.Dacic.94CCEEA9.A.83D522C5
VirIT: Trojan.Win32.VBUnicorn.AA
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/VBClone.E
APEX: Malicious
McAfee: GenericRXTC-TT!B7B326E85591
ClamAV: Win.Packed.Generic-9967832-0
Kaspersky: Trojan.Win32.Agent.xbnivq
BitDefender: Generic.Dacic.94CCEEA9.A.83D522C5
NANO-Antivirus: Trojan.Win32.VB.jownbp
SUPERAntiSpyware: Trojan.Agent/Gen-Tedy
MicroWorld-eScan: Generic.Dacic.94CCEEA9.A.83D522C5
Avast: Win32:WormX-gen [Wrm]
Tencent: Trojan.Win32.VB.ha
Emsisoft: Generic.Dacic.94CCEEA9.A.83D522C5 (B)
F-Secure: Trojan.TR/VB.Clone.onkgf
DrWeb: Trojan.MulDrop20.3145
VIPRE: Generic.Dacic.94CCEEA9.A.83D522C5
FireEye: Generic.mg.b7b326e855911d92
Sophos: Troj/VB-KCP
Ikarus: Trojan.Win32.VBClone
Jiangmin: Trojan.VB.bmcx
Varist: W32/VB.VM.gen!Eldorado
Avira: TR/VB.Clone.onkgf
Antiy-AVL: Trojan/Win32.VBClone
Microsoft: Trojan:Win32/Fareit.VB!MTB
ZoneAlarm: Trojan.Win32.Agent.xbnivq
GData: Generic.Dacic.94CCEEA9.A.83D522C5
Google: Detected
AhnLab-V3: Trojan/Win.Fareit.R491598
Acronis: suspicious
BitDefenderTheta: AI:Packer.2252F6B120
MAX: malware (ai score=87)
VBA32: SScope.Trojan.VB
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.VBClone!1.B5C7 (CLASSIC)
Yandex: Trojan.VB!xJwSPP8AVr8
SentinelOne: Static AI – Malicious PE
MaxSecure: Virus.W32.GenericML.xnet
Fortinet: W32/VBClone.D!tr
AVG: Win32:WormX-gen [Wrm]
DeepInstinct: MALICIOUS

How to remove Trojan.Win32.Agent.xbnivq?

Trojan.Win32.Agent.xbnivq removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
