Should I remove “Trojan.Win32.Ekstak.aocqk”?

Trojan.Win32.Ekstak.aocqk is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Ekstak.aocqk virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Win32.Ekstak.aocqk?


File Info:

name: EAD7AE09C3A507266D58.mlw
path: /opt/CAPEv2/storage/binaries/3297c073c9d394ac8a961ed11fd56e2ca925b05ef38485c3e259141513d4cdf5
crc32: 5CA629F1
md5: ead7ae09c3a507266d58477b96ce5818
sha1: 9e69e8c9558ebe8a7e64a164d8bf5229e09d296d
sha256: 3297c073c9d394ac8a961ed11fd56e2ca925b05ef38485c3e259141513d4cdf5
sha512: 7a31da726988ed0c1bcc98f6debc554af24f71f6ae5c9a6ed05978bddfafcb618423ce24dbc299f02f3fd6142390faae6d504f3d7c8e7e3a2c90a61efe875200
ssdeep: 98304:5dhZ4QWq+1yFc7DRZW8+jkyYaNQ8fwgNk3PhNgip3ATQp1dmmhmQl9j6KOG8MLck:DWq23W8JyVPkvgipQMp1NhmQl9joGtAo
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F1863396D3B4C1F4DDA3ABB45A8223B9FF3F7640D8508436B2C9460E9191C6D0D1B6BE
sha3_384: c21ab9e42f9ce9113e8a1a66f7cfbd8978e14ef9b0f30a7fe11ea1a95482276e820ed5303c8ab1ff96c21dc1d0426b3b
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 2023-08-02 22:14:21

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Ashb Burning Studio Setup
FileVersion:
LegalCopyright:
ProductName: Ashb Burning Studio
ProductVersion:
Translation: 0x0000 0x04b0

Trojan.Win32.Ekstak.aocqk also known as:

Bkav: W32.Common.8570C7AF
Elastic: malicious (high confidence)
McAfee: Artemis!EAD7AE09C3A5
Malwarebytes: Adware.DownloadAssistant
Sangfor: Trojan.Win32.Agent.Vbc9
K7AntiVirus: Trojan ( 005722f11 )
K7GW: Trojan ( 005722f11 )
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
APEX: Malicious
Kaspersky: Trojan.Win32.Ekstak.aocqk
Avast: Other:Malware-gen [Trj]
Tencent: Win32.Trojan.Ekstak.Adhl
F-Secure: Heuristic.HEUR/AGEN.1332570
McAfee-GW-Edition: Artemis!Trojan
Sophos: Generic Reputation PUA (PUA)
Avira: HEUR/AGEN.1332570
ZoneAlarm: Trojan.Win32.Ekstak.aocqk
Microsoft: Program:Win32/Wacapew.C!ml
AhnLab-V3: Downloader/Win.Generic.C5466647
Cylance: unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0AH223
Fortinet: W32/Agent.SLC!tr
AVG: Other:Malware-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan.Win32.Ekstak.aocqk?

Trojan.Win32.Ekstak.aocqk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.