
How to remove “Trojan.Win32.Ekstak.alnrf”?


Trojan.Win32.Ekstak.alnrf is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Ekstak.alnrf virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Likely virus infection of existing system binary
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan.Win32.Ekstak.alnrf?


File Info:

name: 09A4AA2D50496A37FD64.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: VerD Keys
FileDescription: VerD Keys Setup
FileVersion:
LegalCopyright:
Translation: 0x0409 0x04e4

Trojan.Win32.Ekstak.alnrf also known as:

Lionic: Trojan.Multi.Generic.4!c
McAfee: Artemis!09A4AA2D5049
Cylance: Unsafe
K7AntiVirus: Trojan ( 005722fe1 )
K7GW: Trojan ( 005722fe1 )
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
TrendMicro-HouseCall: TROJ_GEN.R002H0DAT22
Kaspersky: Trojan.Win32.Ekstak.alnrf
Tencent: Win32.Trojan.Ekstak.Hfg
McAfee-GW-Edition: BehavesLike.Win32.Dropper.rc
Sophos: Mal/Generic-S
Ikarus: Trojan-Dropper.Win32.Agent
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm: Trojan.Win32.Ekstak.alnrf
GData: Win32.Backdoor.Bodelph.L73PLA
Cynet: Malicious (score: 100)
AhnLab-V3: Adware/Win.Adware-gen.R469588
VBA32: Trojan.Sabsik.FL
Malwarebytes: Adware.DownloadAssistant
Avast: Win32:Adware-gen [Adw]
Fortinet: Riskware/Agent
AVG: Win32:Adware-gen [Adw]

How to remove Trojan.Win32.Ekstak.alnrf?

Trojan.Win32.Ekstak.alnrf removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
