Trojan.Win64.Agentb.bhp (file analysis)

Trojan.Win64.Agentb.bhp is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win64.Agentb.bhp virus do?

  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid

How to identify Trojan.Win64.Agentb.bhp?


File Info:

name: 430161E74FC6CC169E2D.mlw
path: /opt/CAPEv2/storage/binaries/4ac9e5682808eeea8f9704975fb0086cd6671d869642e8128d745027aa151206
crc32: 090A3BFF
md5: 430161e74fc6cc169e2d83bacca00b99
sha1: 8d1b8840348133ba98e9a420007df485faeda555
sha256: 4ac9e5682808eeea8f9704975fb0086cd6671d869642e8128d745027aa151206
sha512: fedf6dc188946f4a69d515e1d9a37c95a84056d203a0174c0206d255148add2a6f40d453235885c3fdf6e5447ef9a07ba21eb29f4a958d347717904abc94dba7
ssdeep: 196608:rgjqwiQzXjfibtV08PIe3lfnBFtnOsb9FAZgBQxnkuIY19hnC:kjqOXsH08B3lfnEsx2ZgzPY1f
type: PE32+ executable (console) x86-64, for MS Windows
tlsh: T1BC7623FE70583358C0168C745523E906B3F2121D5EF5CABA7ADBBBD07FAB8209916B41
sha3_384: 21290e687b034509bb69a4229f74eab83ee1610f38a3a3a684218f07a5244f7109b84ba651b3954fb8aaa001cb5a9739
ep_bytes: 6892460944e89c543e00718d8f5c5eb1
timestamp: 2021-12-05 14:14:26

Version Info:

0: [No Data]

Trojan.Win64.Agentb.bhp also known as:

Elastic: malicious (high confidence)
FireEye: Generic.mg.430161e74fc6cc16
McAfee: Artemis!430161E74FC6
Cylance: Unsafe
Cybereason: malicious.034813
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win64/Packed.VMProtect.IH
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win64.Agentb.bhp
Avast: Win64:Trojan-gen
Sophos: ML/PE-A + Mal/VMProtBad-A
TrendMicro: TROJ_GEN.R002C0RL921
McAfee-GW-Edition: BehavesLike.Win64.Generic.vc
SentinelOne: Static AI – Malicious PE
Avira: TR/Redcap.tcclx
Antiy-AVL: Trojan/Generic.ASMalwS.34E7725
Gridinsoft: Ransom.Win64.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Win64.Trojan.Agent.F8L3JU
AhnLab-V3: Trojan/Win.Trojan-gen.C4746153
TrendMicro-HouseCall: TROJ_GEN.R002C0RL921
Ikarus: Trojan.Win64.Vmprotect
Fortinet: W64/VMProtect.IH!tr
AVG: Win64:Trojan-gen
CrowdStrike: win/malicious_confidence_60% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove Trojan.Win64.Agentb.bhp?

Trojan.Win64.Agentb.bhp removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
