The UDS:Backdoor.MSIL.Convagent is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
What UDS:Backdoor.MSIL.Convagent virus can do?
File Info:
name: B36C13546F7FAB8950DC.mlwpath: /opt/CAPEv2/storage/binaries/aadfb8aa67a9cd15c6ff633574ae377526b69042b92d386acd639a0a26bb0ba5crc32: 1196BCF2md5: b36c13546f7fab8950dcfda3517c126asha1: 2ba95990754d8edac36dff074d94f3472b43ef01sha256: aadfb8aa67a9cd15c6ff633574ae377526b69042b92d386acd639a0a26bb0ba5sha512: 3c05c097b908831fd7f52a54c68268be58adcd53723fcb7f378ee59f05edea7522e9b9e0f54467db017218ba21f8c2f058b145803ec8beadb8cd001085dbde05ssdeep: 12288:6Mr9y90LEFYZJGX8FVoyDlFj0NiCiGe1CoMaBvjPN+SRNrn5Z6otyL1wSaZw:PySEubGXMWyDlvj1CoMaBrPNlRl5ZBwttype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T19FE41207EEEC8432D8B527B115F606C31B3BBDA15A3887AA678FAC190473460663177Fsha3_384: 3abef00d3674bde9007a55ea6978d802e487863f12b9975fd37e613bdefe3d71d2f4830de67fa0c22210d9a65c38b75bep_bytes: e8f0060000e9000000006a5868b87240timestamp: 2022-05-24 22:49:06Version Info:
CompanyName: Microsoft CorporationFileDescription: Самоизвлечение CAB-файлов Win32 FileVersion: 11.00.17763.1 (WinBuild.160101.0800)InternalName: Wextract LegalCopyright: © Корпорация Майкрософт. Все права защищены.OriginalFilename: WEXTRACT.EXE .MUIProductName: Internet ExplorerProductVersion: 11.00.17763.1Translation: 0x0419 0x04b0
ClamAV | Win.Packed.Disabler-9987080-0 |
FireEye | Generic.mg.b36c13546f7fab89 |
CAT-QuickHeal | Trojan.Generic.TRFH758 |
ALYac | Trojan.GenericKDZ.94427 |
Malwarebytes | Generic.Trojan.Injector.DDS |
K7AntiVirus | Trojan ( 700000121 ) |
K7GW | Trojan ( 700000121 ) |
CrowdStrike | win/malicious_confidence_70% (D) |
Cyren | W32/MSIL_Kryptik.ITJ.gen!Eldorado |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (high confidence) |
ESET-NOD32 | a variant of MSIL/Spy.RedLine.A |
APEX | Malicious |
Cynet | Malicious (score: 99) |
Kaspersky | UDS:Backdoor.MSIL.Convagent.gen |
SUPERAntiSpyware | Trojan.Agent/Gen-Downloader |
Avast | Win32:PWSX-gen [Trj] |
Tencent | Trojan-Ransom.Win32.Stop.gen |
DrWeb | Trojan.PWS.Stealer.35327 |
VIPRE | Gen:Variant.Jaik.126201 |
McAfee-GW-Edition | BehavesLike.Win32.Generic.jc |
Trapmine | malicious.moderate.ml.score |
SentinelOne | Static AI – Malicious SFX |
GData | MSIL.Trojan-Stealer.Redline.G |
Avira | HEUR/AGEN.1252166 |
Antiy-AVL | Trojan[Spy]/MSIL.RedLine |
ZoneAlarm | HEUR:Trojan.MSIL.Agent.gen |
Microsoft | Trojan:Script/Phonzy.A!ml |
Detected | |
McAfee | GenericRXQA-AF!607CA971344F |
Cylance | unsafe |
Rising | Stealer.Agent!1.DC63 (CLASSIC:KIGhqwrd7hAfVLIy++i6Iw) |
Yandex | Trojan.Agent!U3jdWTT1F8s |
Ikarus | Trojan-Spy.RedLineStealer |
Fortinet | MSIL/Agent.DFY!tr |
AVG | Win32:PWSX-gen [Trj] |
The Troj/VB-IGX is considered dangerous by lots of security experts. When this infection is active,…
The UDS:Trojan.Win32.DBadur is considered dangerous by lots of security experts. When this infection is active,…
The Jalapeno.348 is considered dangerous by lots of security experts. When this infection is active,…
The Razy.665944 is considered dangerous by lots of security experts. When this infection is active,…
The Symmi.3599 is considered dangerous by lots of security experts. When this infection is active,…
The Malware.AI.73035705 is considered dangerous by lots of security experts. When this infection is active,…