
Trojan.Win32.Ekstak.alooj removal instruction


Trojan.Win32.Ekstak.alooj is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Ekstak.alooj virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Likely virus infection of existing system binary

How to identify Trojan.Win32.Ekstak.alooj?

File Info:

name: 7EDB0DE6D09A7A1D11CD.mlw
path: /opt/CAPEv2/storage/binaries/b50c6942350ed2b778ada7c517e4727f1b1ea296989a3b7e4492b1dcde7a053d
crc32: 9FFC2A26
md5: 7edb0de6d09a7a1d11cd4aac433bd3e6
sha1: 989ae6ebbe3ee95f023460d888c09c730f3671ec
sha256: b50c6942350ed2b778ada7c517e4727f1b1ea296989a3b7e4492b1dcde7a053d
sha512: e4d45848e11088d0a9f249c9cab11e9a717ecbfc35743a4f137589bb017b6d4c940b2a973fb670432ca8bd9d16184fef85003cc6d62378fbb3e93d7d87fd6a63
ssdeep: 196608:tEh4jTpBkV0XnfwM2HE5NmqM+htHrlPf8zmtINcRR/4G9cLygHq6vFQVyk3tyE:r3kV0XnfjWwDM+XHrFf8bAQAcLTk3tt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C1A633575601CE3CECAFEAF83B28401C9D1A7EF63F151780071FF2869DB60826667969
sha3_384: 0c125245995bf360daa8542aceddd02b23307623a1c3cedfe1737af69fc8d9b1e07c3bc13be5d9dae422318c86456392
ep_bytes: 558bec83c4cc53565733c08945f08945
timestamp: 1992-06-19 22:22:17

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: CE Master LLE
FileDescription: QM Server Repair Toolbox Setup
FileVersion:
LegalCopyright:
Translation: 0x0409 0x04e4

Trojan.Win32.Ekstak.alooj also known as:

  • McAfee: Artemis!7EDB0DE6D09A
  • Cylance: Unsafe
  • K7AntiVirus: Trojan ( 005722f11 )
  • K7GW: Trojan ( 005722f11 )
  • Cyren: W32/Ekstak.BP.gen!Eldorado
  • Symantec: Trojan.Gen.2
  • ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
  • Paloalto: generic.ml
  • Kaspersky: Trojan.Win32.Ekstak.alooj
  • Avast: Win32:Adware-gen [Adw]
  • Tencent: Win32.Trojan-dropper.Agent.Amwp
  • McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
  • Ikarus: Trojan-Dropper.Win32.Agent
  • GData: Win32.Backdoor.Bodelph.MDDU34
  • Avira: TR/ICLoader.psxmm
  • Microsoft: Trojan:Win32/Sabsik.FL.B!ml
  • Cynet: Malicious (score: 99)
  • AhnLab-V3: Adware/Win.Adware-gen.R470980
  • VBA32: Trojan.Ekstak
  • Malwarebytes: Adware.DownloadAssistant
  • TrendMicro-HouseCall: TROJ_GEN.R002H0CB722
  • Fortinet: W32/Agent.SLC!tr
  • AVG: Win32:Adware-gen [Adw]
  • Panda: Trj/CI.A

How to remove Trojan.Win32.Ekstak.alooj?

Trojan.Win32.Ekstak.alooj removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.