Win32/Agent.ABUK malicious file

Win32/Agent.ABUK is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Agent.ABUK virus do?

  • Attempts to connect to a dead IP:Port (87 unique times)
  • Starts servers listening on 127.0.0.1:0
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Russian
  • Unusual version info supplied for binary

Related domains:


How to identify Win32/Agent.ABUK?


File Info:

crc32: 7D00C9F8
md5: a318e63e2446a954f0a6676a7effa27f
name: svchost.exe
sha1: 24904d31bf8bc1e718c88035a5a9df7f6e6d06c1
sha256: 9901673ab222a6b224e00b140b343f60c1b870f92ac6f6ad467421c626c5ff7a
sha512: 060eabe45ab5b9bd1c64c2bd24c8337d907f3601ccde42b6ffa269fddd104528469b96bb59dbe999c7ecc3b042d45ec884960749f86fe531d0ba158acd66a4ba
ssdeep: 24576:3bBdkwIksISScqE/xTTOtVLu/kumoB0jaR+a6H:30kH4wLyCo+1H
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: 22222222
FileVersion: 6.1.7600.16385
CompanyName: TODO:
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.1.7600.16385
FileDescription: Host Process for Windows Services
OriginalFilename: svchost.exe
Translation: 0x0009 0x04b0

Win32/Agent.ABUK also known as:

Bkav: W32.AIDetectVM.malware2
MicroWorld-eScan: Trojan.GenericKD.33787483
McAfee: RDN/Generic.dx
Cylance: Unsafe
K7AntiVirus: Trojan ( 00564f031 )
BitDefender: Trojan.GenericKD.33787483
K7GW: Trojan ( 00564f031 )
APEX: Malicious
GData: Trojan.GenericKD.33787483
Kaspersky: UDS:DangerousObject.Multi.Generic
Alibaba: Trojan:Win32/Generic.a2ee53d5
AegisLab: Trojan.Multi.Generic.4!c
Emsisoft: Trojan.GenericKD.33787483 (B)
F-Secure: Trojan.TR/Agent.zlxor
DrWeb: Trojan.DownLoader33.39200
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.CoinMiner.ch
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Agent
Avira: TR/Agent.zlxor
MAX: malware (ai score=82)
Antiy-AVL: Trojan/Win32.Wacatac
Arcabit: Trojan.Generic.D2038E5B
ZoneAlarm: UDS:DangerousObject.Multi.Generic
Microsoft: Trojan:Win32/Wacatac.C!ml
VBA32: Trojan.Wacatac
ALYac: Trojan.GenericKD.33787483
Ad-Aware: Trojan.GenericKD.33787483
ESET-NOD32: a variant of Win32/Agent.ABUK
TrendMicro-HouseCall: TROJ_GEN.R011H0CE720
Rising: Trojan.Agent!8.B1E (CLOUD)
SentinelOne: DFI – Malicious PE
Fortinet: W32/Agent.ABUK!tr
BitDefenderTheta: Gen:NN.ZexaF.34108.ZC0@aOzrkQok
AVG: FileRepMalware
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Win32/Agent.ABUK?

Win32/Agent.ABUK removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.