Trojan.Win32.Ekstak.alnxh malicious file

Trojan.Win32.Ekstak.alnxh is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Ekstak.alnxh virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Likely virus infection of existing system binary
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan.Win32.Ekstak.alnxh?


File Info:

name: C9C0C8F55D559D7AE9D2.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-03-14 17:59:41

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: Ile Master LLD
FileDescription: Ord Repair Toolbox Setup
FileVersion:
LegalCopyright:
OriginalFileName:
ProductName: Ord Repair Toolbox
ProductVersion:
Translation: 0x0000 0x04b0

Trojan.Win32.Ekstak.alnxh also known as:

McAfee: Artemis!C9C0C8F55D55
Cylance: Unsafe
Sangfor: Trojan.Win32.Sabsik.FL
K7GW: Trojan ( 005722fe1 )
K7AntiVirus: Trojan ( 005722fe1 )
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
Kaspersky: Trojan.Win32.Ekstak.alnxh
APEX: Malicious
Tencent: Win32.Trojan.Ekstak.Tbie
Zillya: Trojan.Ekstak.Win32.59649
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Antiy-AVL: Trojan/Generic.ASMalwS.3520E62
Microsoft: Trojan:Script/Phonzy.C!ml
GData: Win32.Trojan.BSE.1KA5L9G
Cynet: Malicious (score: 100)
Malwarebytes: Adware.DownloadAssistant
Avast: Win32:Adware-gen [Adw]
AVG: Win32:Adware-gen [Adw]

How to remove Trojan.Win32.Ekstak.alnxh?

Trojan.Win32.Ekstak.alnxh removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.