Trojan.Win32.Ekstak.awzka removal tips

Trojan.Win32.Ekstak.awzka is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Ekstak.awzka virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Win32.Ekstak.awzka?


File Info:

name: 17306C5FD484C549918D.mlw
path: /opt/CAPEv2/storage/binaries/51d2699f189cc60451a395fc98d68fecdfb8cbf9c798060a17129f037b7752f1
crc32: B5CD9095
md5: 17306c5fd484c549918d38e15830923b
sha1: 1ec1bcfb8ecebf6a4f9843d66316c19206aa360b
sha256: 51d2699f189cc60451a395fc98d68fecdfb8cbf9c798060a17129f037b7752f1
sha512: abd82e020b281088bbee0623e49ee5e021fc67270c410896b83af034508661b51a557d48bd60bb3db803d00f85f5a48ba6091b359b3e493e9eb733914a7828e1
ssdeep: 98304:2rXKtGQnkni9PvWvHrHBypqnz2b4/rvI7:EatGQ8YPUoirw7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10BE5338291710779E676ADB26A04993CA7373A6F9C30584E328CFD7E0F3748B116472E
sha3_384: 01395772c7273f8d8c22fa9d1c52e846626775b7ec2bd1330f0eb73474bcc8eee4f5f4700f9b0bc3800f79ab39a92bee
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 2024-04-02 17:03:01

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: AI Photo Object Eraser Setup
FileVersion:
LegalCopyright:
ProductName: AI Photo Object Eraser
ProductVersion:
Translation: 0x0000 0x04b0

Trojan.Win32.Ekstak.awzka also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Ekstak.4!c
Skyhigh: BehavesLike.Win32.BadFile.wc
Malwarebytes: Generic.Malware/Suspicious
Sangfor: Trojan.Win32.Agent.Vzo7
Symantec: Trojan.Gen.MBT
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002H0CD224
Kaspersky: Trojan.Win32.Ekstak.awzka
Avast: FileRepMalware [Adw]
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1372994
SentinelOne: Static AI – Suspicious PE
Avira: HEUR/AGEN.1372994
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: Trojan.Win32.Ekstak.awzka
GData: Win32.Backdoor.Bodelph.X9XST3
Cynet: Malicious (score: 99)
McAfee: Artemis!17306C5FD484
Panda: Trj/Chgt.AD
Ikarus: Trojan.Win32.Crypt
AVG: FileRepMalware [Adw]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Win32.Ekstak.awzka?

Trojan.Win32.Ekstak.awzka removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
