
What is “Trojan.Win32.Ekstak.aweai”?


Trojan.Win32.Ekstak.aweai is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Ekstak.aweai virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan.Win32.Ekstak.aweai?


File Info:

name: 3D811FBD8F0FCD88769A.mlw
path: /opt/CAPEv2/storage/binaries/434264d04de74677c57ee1b746928fc58ac97d9edfd601772868d56ae4cd2fa8
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2024-03-02 19:10:52

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Lessy E-Mail Notifer Setup
FileVersion:
LegalCopyright:
ProductName: Lessy E-Mail Notifer
ProductVersion:
Translation: 0x0000 0x04b0

Trojan.Win32.Ekstak.aweai also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Ekstak.4!c
Elastic: malicious (high confidence)
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.Vaqc
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: Trojan.Win32.Ekstak.aweai
Avast: Other:Malware-gen [Trj]
Tencent: Win32.Trojan.Ekstak.Xmhl
F-Secure: Trojan.TR/AD.Nekark.edrgq
Trapmine: suspicious.low.ml.score
Sophos: Generic Reputation PUA (PUA)
Ikarus: Trojan.Win32.FakeAV
GData: Win32.Backdoor.Bodelph.MLPIEU
Varist: W32/Agent.FQQN-1699
Avira: TR/AD.Nekark.edrgq
Kingsoft: Win32.Trojan.Ekstak.a
ZoneAlarm: Trojan.Win32.Ekstak.aweai
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Trojan/Win.Malware-gen.C5596430
Malwarebytes: Generic.Malware/Suspicious
TrendMicro-HouseCall: TROJ_GEN.R002H0DC224
SentinelOne: Static AI – Malicious PE
Fortinet: Malicious_Behavior.SB
AVG: Other:Malware-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan.Win32.Ekstak.aweai?

Trojan.Win32.Ekstak.aweai removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
