Trojan.Win32.Agentb.kahw information

Trojan.Win32.Agentb.kahw is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Win32.Agentb.kahw virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Trojan.Win32.Agentb.kahw?


File Info:

crc32: A3B30B7C
md5: 6c0a8a2b30b2e35564f83da09a143cf2
name: upload_file
sha1: 4ce0c5b010bd56c5dcd2bfc76f98ab64bfb70e54
sha256: d0b9cef00b943a7861cf5bceaadff3ddadb7247e540361543b0279fe3c716e86
sha512: 535f6a39275e5114a2c2b9c97e9614da5a8876f605b461fd5ea7454497bb12b9492f8137dbda431202094d0a3fe56330bf407edfc284cba14d2a16dd2f3e4e78
ssdeep: 6144:lif3ei2lpZqRzZclaOyugXi2w5O2dw0ddLWCYPvw5izPUaBHjw8QUllWy6berHDT:M/L3rcqEBRaCY3iQPUaNU8DnX6a
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: HDF.AT Interactive Stock Chart
FileVersion: 2.27.0.5
CompanyName: Intech Solutions
ProductName: HDF.AT Interactive Stock Chart
ProductVersion: 2.27.0.5
FileDescription: MS masked edit control at the heart
OriginalFilename: HDF.AT Interactive Stock Chart.exe

Trojan.Win32.Agentb.kahw also known as:

Bkav: W32.EmotetDBP.Trojan
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.43943322
CAT-QuickHeal: Trojan.Emotetcrypt
McAfee: Trickbot-FSTA!6C0A8A2B30B2
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.776903
AegisLab: Trojan.Win32.Generic.4!c
K7AntiVirus: Trojan ( 0057019f1 )
BitDefender: Trojan.GenericKD.43943322
K7GW: Trojan ( 005701911 )
CrowdStrike: win/malicious_confidence_80% (W)
Arcabit: Trojan.Generic.D29E859A
TrendMicro: TROJ_FRS.0NA104J120
Cyren: W32/Kryptik.CBR.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Generic-9769612-0
Kaspersky: Trojan.Win32.Agentb.kahw
Alibaba: Trojan:Win32/Agentb.cfe6a84d
NANO-Antivirus: Trojan.Win32.Emotet.hxrcsa
Ad-Aware: Trojan.GenericKD.43943322
Emsisoft: Trojan.Emotet (A)
Comodo: Malware@#4kszb1v70hh2
F-Secure: Heuristic.HEUR/AGEN.1138526
DrWeb: Trojan.Emotet.1030
VIPRE: Trojan.Win32.Generic!BT
Invincea: Mal/Generic-R + Troj/Emotet-CQB
McAfee-GW-Edition: BehavesLike.Win32.Generic.hh
FireEye: Generic.mg.6c0a8a2b30b2e355
Sophos: Troj/Emotet-CQB
Ikarus: Trojan-Banker.Emotet
Jiangmin: Trojan.Banker.Emotet.otr
Avira: HEUR/AGEN.1138526
MAX: malware (ai score=81)
Antiy-AVL: Trojan[Banker]/Win32.Emotet
Microsoft: Trojan:Win32/EmotetCrypt.ARJ!MTB
ViRobot: Trojan.Win32.Z.Highconfidence.516096.AD
ZoneAlarm: Trojan.Win32.Agentb.kahw
GData: Trojan.GenericKD.43943322
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Emotet.R352589
Acronis: suspicious
ALYac: Trojan.Agent.Emotet
VBA32: Trojan.Emotet
Malwarebytes: Trojan.Emotet
Panda: Trj/CI.A
ESET-NOD32: a variant of Win32/Injector.ENLZ
TrendMicro-HouseCall: TROJ_FRS.0NA104J120
Rising: Trojan.Kryptik!1.C606 (CLASSIC)
Yandex: Trojan.Agentb!8KDaoaxFD4s
SentinelOne: DFI – Malicious PE
Fortinet: W32/ENLZ!tr
Webroot: W32.Trojan.Emotet
AVG: Win32:Trojan-gen
Cybereason: malicious.010bd5
Avast: Win32:Trojan-gen
Qihoo-360: Trojan.Generic

How to remove Trojan.Win32.Agentb.kahw?

Trojan.Win32.Agentb.kahw removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
