
UDS:Trojan.Win32.Ekstak.audnm malicious file


UDS:Trojan.Win32.Ekstak.audnm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the UDS:Trojan.Win32.Ekstak.audnm virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Created a service that was not started
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine UDS:Trojan.Win32.Ekstak.audnm?


File Info:

name: D1CAF5BA747AF6187A56.mlw
path: /opt/CAPEv2/storage/binaries/fa4e5237d77c8699a120bc6b3bb5c54fea54b2985b920c20922db1923e35bca7
crc32: 305F5D00
md5: d1caf5ba747af6187a564adb82a9bb15
sha1: ba88951ce44695cc7586a6b9d99de285c8a6c631
sha256: fa4e5237d77c8699a120bc6b3bb5c54fea54b2985b920c20922db1923e35bca7
sha512: e348b15d0511bebebb4fcfbd1da70c88085a0c860689881c3331702e63d1f79424dc3165c3f329ec141106be10ff9a4ec482893f0c88025dde43552069237164
ssdeep: 196608:bcYrmuXQpE7u6PVly6ylsLl5gNq6SbANXM5f2DrUup/ilmUSzRP4dD:8lKlpgX6eUup/ildD
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1496633C1E7A18472C0155236BEA7C2962F63FE322FB03B872588765B4FB74B290578D5
sha3_384: 70c611f111025e8ae61c83f2d71c2dcb5c0de9f832e77699948ebe74b9b41e7e9a89e65d2cd9e2a42923066b6445714f
ep_bytes: 558bec83c4c453565733c08945f08945
timestamp: 2023-12-27 00:46:18

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName:
FileDescription: CloudPanelCRT Setup
FileVersion:
LegalCopyright:
ProductName: CloudPanelCRT
ProductVersion: 1.2.2.6
Translation: 0x0000 0x04b0

UDS:Trojan.Win32.Ekstak.audnm also known as:

Elastic: malicious (high confidence)
Skyhigh: BehavesLike.Win32.PUPInstaller.vc
Cylance: unsafe
Sangfor: Trojan.Win32.Agent.V3v3
CrowdStrike: win/malicious_confidence_70% (D)
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.SLC
APEX: Malicious
Kaspersky: UDS:Trojan.Win32.Ekstak.audnm
DrWeb: Trojan.Siggen22.54024
Sophos: Mal/Generic-S
Varist: W32/Agent.NTLU-6269
Kingsoft: Win32.Trojan.Agentb.gen
ZoneAlarm: UDS:Trojan.Win32.Ekstak.audnm
Microsoft: Trojan:Win32/ICLoader.JL!MTB
McAfee: Artemis!D1CAF5BA747A
DeepInstinct: MALICIOUS
Malwarebytes: Generic.Malware/Suspicious
Fortinet: W32/Agent.SLC!tr

How to remove UDS:Trojan.Win32.Ekstak.audnm?

UDS:Trojan.Win32.Ekstak.audnm removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
