Trojan:Win32/Ekstak.ASEF!MTB removal tips

Trojan:Win32/Ekstak.ASEF!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Ekstak.ASEF!MTB virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan:Win32/Ekstak.ASEF!MTB?


File Info:

name: 6D753BC93EE77A19092B.mlw
path: /opt/CAPEv2/storage/binaries/8207aa2f6bf46a0664d0c0e0d316e5a6366433093e387006cfd8ce96b2bec9a8
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-12-25 15:33:30

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: Standard Console DB Setup
FileVersion:
LegalCopyright:
ProductName: Standard Console DB
ProductVersion: 1.2.2.5
Translation: 0x0000 0x04b0

Trojan:Win32/Ekstak.ASEF!MTB also known as:

Bkav: W32.AIDetectMalware
MicroWorld-eScan: Trojan.Generic.35232115
FireEye: Trojan.Generic.35232115
Skyhigh: BehavesLike.Win32.Genericuh.rc
Zillya: Trojan.Agent.Win32.3792677
Sangfor: Trojan.Win32.Agent.Vk2b
CrowdStrike: win/malicious_confidence_60% (D)
Elastic: malicious (high confidence)
APEX: Malicious
BitDefender: Trojan.Generic.35232115
Avast: Win32:AdwareX-gen [Adw]
Emsisoft: Trojan.Generic.35232115 (B)
F-Secure: Trojan.TR/Redcap.ltref
VIPRE: Trojan.Generic.35232115
MAX: malware (ai score=86)
GData: Trojan.Generic.35232115
Google: Detected
Avira: TR/Redcap.ltref
Varist: W32/Agent.HZW.gen!Eldorado
Arcabit: Trojan.Generic.D2199973
Microsoft: Trojan:Win32/Ekstak.ASEF!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Adware/Win.AdwareX-gen.R631029
ALYac: Trojan.Generic.35232115
Malwarebytes: Trojan.Dropper.EKS
TrendMicro-HouseCall: TROJ_GEN.R002H01AB24
Ikarus: Trojan.Win32.Ekstak
Fortinet: Riskware/Application
AVG: Win32:AdwareX-gen [Adw]

How to remove Trojan:Win32/Ekstak.ASEF!MTB?

Trojan:Win32/Ekstak.ASEF!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
