Trojan.Win32.Ekstak.apkrz removal

Trojan.Win32.Ekstak.apkrz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Win32.Ekstak.apkrz virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Behavioural detection: Transacted Hollowing

How to identify Trojan.Win32.Ekstak.apkrz?


File Info:

name: 223C03985CDAD12C2EBA.mlw
path: /opt/CAPEv2/storage/binaries/052b715b103cf255d213a9e9cea91d25870123d44e1fabc21590cc63b311577c
crc32: 324B343C
md5: 223c03985cdad12c2ebac593503e0439
sha1: ff356a4134fe2db09cae182a47501a6027fabed5
sha256: 052b715b103cf255d213a9e9cea91d25870123d44e1fabc21590cc63b311577c
sha512: c36998346625d43cc57ffadb939398e66f7d11d3c9fd8531808871ab5d79ea3e73e2a37f1dab0bd1215e051d9beab4f90e892ebdb5e462cbee397ec7b2ac3386
ssdeep: 196608:FY0KyfGgXukCZjTCwO/I2zBJNDWj9MZ7H:RXukCZjBPYngjeFH
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EB7633C23026E476C275E63C29F7865185EBBCD249E6E8F6BD7D7B1E1A33B048448253
sha3_384: 2d909409c831b9ac8566dc2b9f68ac3d25669964388cd5f8c8682fa18c4d5de6701352e2aefb63f3121a19052380a8e0
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 2023-10-27 06:53:34

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: DAG Codec Setup
FileVersion:
LegalCopyright:
ProductName: DAG Codec
ProductVersion:
Translation: 0x0000 0x04b0

Trojan.Win32.Ekstak.apkrz is also known as:

Elastic: malicious (high confidence)
Skyhigh: BehavesLike.Win32.ObfuscatedPoly.vc
Malwarebytes: Adware.DownloadAssistant
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
APEX: Malicious
Kaspersky: Trojan.Win32.Ekstak.apkrz
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: Trojan.Win32.Ekstak.apkrz
McAfee: Artemis!223C03985CDA
Ikarus: Trojan-Dropper.Win32.Agent
AVG: Other:Malware-gen [Trj]
Avast: Other:Malware-gen [Trj]

How to remove Trojan.Win32.Ekstak.apkrz?

Trojan.Win32.Ekstak.apkrz removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
