How to remove “Trojan.Win32.Ekstak.alogm”?

Trojan.Win32.Ekstak.alogm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Ekstak.alogm virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Likely virus infection of existing system binary

How to identify Trojan.Win32.Ekstak.alogm?


File Info:

name: EFA23DF33D5360BA8A4F.mlw
path: /opt/CAPEv2/storage/binaries/2bb816f6980ad80586df62eeb339ac939025fd3dc026c95da957a2c54bf3f319
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-03-14 17:59:41

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: kMobie Inc.
FileDescription: ACPhoneRescue Setup
FileVersion:
LegalCopyright:
OriginalFileName:
ProductName: ACPhoneRescue
ProductVersion: 2.1.1.13
Translation: 0x0000 0x04b0

Trojan.Win32.Ekstak.alogm also known as:

McAfee: Artemis!EFA23DF33D53
Malwarebytes: Adware.DownloadAssistant
Sangfor: Trojan.Win32.Wacatac.B
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
TrendMicro-HouseCall: TROJ_GEN.R002H0DB122
ClamAV: Win.Adware.Dealalpha-9835537-0
Kaspersky: Trojan.Win32.Ekstak.alogm
Avast: Win32:Adware-gen [Adw]
Zillya: Trojan.Ekstak.Win32.59649
McAfee-GW-Edition: BehavesLike.Win32.Dropper.vc
Microsoft: Trojan:Script/Phonzy.C!ml
ZoneAlarm: Trojan.Win32.Ekstak.alogm
GData: Win32.Backdoor.Bodelph.I6F4T9
Cylance: Unsafe
APEX: Malicious
Fortinet: Riskware/Agent
AVG: Win32:Adware-gen [Adw]

How to remove Trojan.Win32.Ekstak.alogm?

Trojan.Win32.Ekstak.alogm removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
