VHO:Trojan.Win32.Agent.xaqkqn removal guide

Many security experts consider VHO:Trojan.Win32.Agent.xaqkqn dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the VHO:Trojan.Win32.Agent.xaqkqn virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Georgian
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization

How to identify VHO:Trojan.Win32.Agent.xaqkqn?


File Info:

name: D861BD3226EEA8FCE476.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-01-01 12:43:04

Version Info:

FileVersions: 9.1.2.1
Copyright: Copyright (C) 2022, soboklos
ProjectVersion: 74.85.66.75

VHO:Trojan.Win32.Agent.xaqkqn also known as:

Bkav: W32.AIDetect.malware1
tehtris: Generic.Malware
FireEye: Generic.mg.d861bd3226eea8fc
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
Cybereason: malicious.db70ea
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: VHO:Trojan.Win32.Agent.xaqkqn
Avast: CrypterX-gen [Trj]
Trapmine: suspicious.low.ml.score
Sophos: ML/PE-A
SentinelOne: Static AI – Malicious PE
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Google: Detected
Acronis: suspicious
Rising: Malware.Obscure/Heur!1.A89F (CLASSIC)
Ikarus: Trojan.Win32.Ranumbot
MaxSecure: Trojan.Malware.300983.susgen
AVG: CrypterX-gen [Trj]
CrowdStrike: win/malicious_confidence_100% (D)

How to remove VHO:Trojan.Win32.Agent.xaqkqn?

VHO:Trojan.Win32.Agent.xaqkqn removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.