Trojan.Win32.Ekstak.anzxj removal

Trojan.Win32.Ekstak.anzxj is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Ekstak.anzxj virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan.Win32.Ekstak.anzxj?


File Info:

name: F31A12926562760D4C2A.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-07-24 16:48:08

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: ArtMoney LITE Setup
FileVersion:
LegalCopyright:
Translation: 0x0409 0x04e4

Trojan.Win32.Ekstak.anzxj also known as:

Bkav: W32.Common.BF1926F1
Elastic: malicious (high confidence)
Malwarebytes: Adware.DownloadAssistant
Sangfor: Downloader.Win32.Agent.V59s
K7AntiVirus: Trojan ( 005722f11 )
Alibaba: TrojanDropper:Win32/Ekstak.dc9d52f5
K7GW: Trojan ( 005722f11 )
Cyren: W32/Agent.GUC.gen!Eldorado
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
APEX: Malicious
Kaspersky: Trojan.Win32.Ekstak.anzxj
Avast: Other:Malware-gen [Trj]
Tencent: Win32.Trojan.Ekstak.Wwhl
F-Secure: Heuristic.HEUR/AGEN.1332570
McAfee-GW-Edition: BehavesLike.Win32.ObfuscatedPoly.tc
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S
GData: Win32.Backdoor.Bodelph.1RMPCZ
Avira: HEUR/AGEN.1332570
ZoneAlarm: Trojan.Win32.Ekstak.anzxj
Microsoft: Trojan:Win32/ICLoader.JLK!MTB
AhnLab-V3: Trojan/Win.Malware-gen.C5462066
McAfee: Artemis!F31A12926562
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0CGO23
Ikarus: Trojan-Dropper.Win32.Agent
MaxSecure: Trojan.Malware.214771234.susgen
Fortinet: W32/Agent.SLC!tr.dldr
AVG: Other:Malware-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Trojan.Win32.Ekstak.anzxj?

Trojan.Win32.Ekstak.anzxj removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.