Trojan.Win32.Ekstak.aoaxj removal

Many security experts consider Trojan.Win32.Ekstak.aoaxj dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Win32.Ekstak.aoaxj virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Win32.Ekstak.aoaxj?


File Info:

name: 481A9CE54F961213548F.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-07-27 19:08:14

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: WinToUSB Setup
FileVersion:
LegalCopyright:
Translation: 0x0409 0x04e4

Trojan.Win32.Ekstak.aoaxj also known as:

Bkav: W32.Common.94CC3723
McAfee: Artemis!481A9CE54F96
Cylance: unsafe
Sangfor: Dropper.Win32.Agent.Vy58
K7AntiVirus: Trojan ( 005722fe1 )
K7GW: Trojan ( 005722fe1 )
Cyren: W32/Agent.GVJ.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
APEX: Malicious
Kaspersky: Trojan.Win32.Ekstak.aoaxj
Avast: Other:Malware-gen [Trj]
Tencent: Win32.Trojan.Ekstak.Dkjl
F-Secure: Trojan.TR/Drop.Agent.otioc
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
GData: Win32.Backdoor.Bodelph.XA7YDS
Avira: TR/Drop.Agent.otioc
ZoneAlarm: Trojan.Win32.Ekstak.aoaxj
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Trojan/Win.Malware-gen.R594195
Malwarebytes: Adware.DownloadAssistant
TrendMicro-HouseCall: TROJ_GEN.R023H0CH123
Fortinet: W32/Agent.SLC!tr
AVG: Other:Malware-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Trojan.Win32.Ekstak.aoaxj?

Trojan.Win32.Ekstak.aoaxj removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
