Trojan.Win32.Ekstak.awfja removal tips

Trojan.Win32.Ekstak.awfja is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Ekstak.awfja virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Win32.Ekstak.awfja?


File Info:

name: 39AD9C49BF703256E716.mlw
path: /opt/CAPEv2/storage/binaries/04c0d1096ffc7068944fb651e7c0ca44c2a99a207cee5576f65a29c42b5c5b8d
crc32: 3795E73E
md5: 39ad9c49bf703256e7168daa06ed7c46
sha1: b6ef4c0545b289a51714bb5dc94273cfcf484381
sha256: 04c0d1096ffc7068944fb651e7c0ca44c2a99a207cee5576f65a29c42b5c5b8d
sha512: 05a9b5190765b096952ecc365b8721c063ca95f9de0404b07a16423f6e9763382222ff499567a9c576393314fa3e5b7648882512555fbfcf416c17dcfa18e4ee
ssdeep: 98304:NSxwJPUztq5HzTnflfEpCw3i1c/zCiSxIky6f1qWtOo0uBUtdhi:c+qk5H3nfl8pCZeWiSPy6P0OUt/i
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FA2633300EE57974F1F6CEF92A268225C1117817287452586B5FCE067E23ED337AAF0A
sha3_384: b3c22bbfe25763bacb32464dbe3282fddc120d0fb81aff8474d2d978a71e9e6519ae9aeb4bde7db2dfdb3d27928eac51
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 2024-03-04 15:22:48

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Address Book View Setup
FileVersion:
LegalCopyright:
ProductName: Address Book View
ProductVersion:
Translation: 0x0000 0x04b0

Trojan.Win32.Ekstak.awfja also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Ekstak.4!c
Cynet: Malicious (score: 100)
Skyhigh: BehavesLike.Win32.BadFile.rc
McAfee: Artemis!39AD9C49BF70
Cylance: unsafe
Sangfor: Dropper.Win32.Agent.Vkek
Alibaba: TrojanDropper:Win32/Nekark.07f6838b
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
APEX: Malicious
Kaspersky: Trojan.Win32.Ekstak.awfja
F-Secure: Trojan.TR/AD.Nekark.oltca
DrWeb: Trojan.Zadved.1796
Trapmine: suspicious.low.ml.score
Sophos: Generic Reputation PUA (PUA)
Ikarus: Trojan.Win32.FakeAV
Avira: TR/AD.Nekark.oltca
ZoneAlarm: Trojan.Win32.Ekstak.awfja
GData: Win32.Backdoor.Bodelph.DKY1GS
Varist: W32/Agent.NECR-1209
AhnLab-V3: Trojan/Win.Malware-gen.C5597219
DeepInstinct: MALICIOUS
Malwarebytes: Adware.DownloadAssistant
TrendMicro-HouseCall: TROJ_GEN.R002H0DC424
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/Agent.SLC!tr

How to remove Trojan.Win32.Ekstak.awfja?

Trojan.Win32.Ekstak.awfja removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.