
About “Win32/Agent.OEQ” infection


Win32/Agent.OEQ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Agent.OEQ virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Win32/Agent.OEQ?


File Info:

name: 8F057647CF46E0C74887.mlw
path: /opt/CAPEv2/storage/binaries/7619e799b48afb12941bedb16e5e39107be1accef25b1ee1fc43777b79e04433
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2008-07-27 12:54:39

Version Info:

0: [No Data]

Win32/Agent.OEQ also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Agent.kZn8
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen6.15188
MicroWorld-eScan: Gen:Variant.Ser.Razy.10916
FireEye: Generic.mg.8f057647cf46e0c7
ALYac: Gen:Variant.Ser.Razy.10916
Zillya: Trojan.Pakes.Win32.5299
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Trojan:Win32/Pakes.eaf316be
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.7cf46e
BitDefenderTheta: AI:Packer.936E02191E
VirIT: Trojan.Win32.Rootkit-Agent.BU
Cyren: W32/Zbot.I.gen!Eldorado
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Agent.OEQ
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Pakes.mae
BitDefender: Gen:Variant.Ser.Razy.10916
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Avast: Win32:Evo-gen [Trj]
Tencent: Win32.Trojan.Pakes.Oqil
Ad-Aware: Gen:Variant.Ser.Razy.10916
Emsisoft: Gen:Variant.Ser.Razy.10916 (B)
Comodo: Malware@#3t9m9a152u2h8
VIPRE: Gen:Variant.Ser.Razy.10916
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.cc
Trapmine: malicious.high.ml.score
Sophos: ML/PE-A + Mal/EncPk-JE
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Ser.Razy.10916
Jiangmin: Trojan/Pakes.esv
Webroot: W32.Malware.Gen
Google: Detected
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.330C
Kingsoft: Win32.Heur.KVMH004.a.(kcloud)
ViRobot: Trojan.Win32.Pakes.139684
Microsoft: Trojan:Win32/Rlsloup.gen!A
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.C1379131
Acronis: suspicious
McAfee: Artemis!8F057647CF46
MAX: malware (ai score=99)
VBA32: BScope.Trojan.Pakes
Cylance: Unsafe
Rising: Trojan.Generic@AI.94 (RDML:EsXQeUi6Qhd2y8FlenX82Q)
Yandex: Trojan.Agent!mQ4ItTyR/tI
Ikarus: Trojan.Win32.Agent
Fortinet: W32/Generic
AVG: Win32:Evo-gen [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/Agent.OEQ?

Win32/Agent.OEQ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
