
Win32/TrojanDownloader.Agent.CLJ information


Win32/TrojanDownloader.Agent.CLJ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanDownloader.Agent.CLJ virus do?

  • HTTPS URLs from behavior.
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to determine Win32/TrojanDownloader.Agent.CLJ?


File Info:

name: 764B749332340810A5BD.mlw
path: /opt/CAPEv2/storage/binaries/3b5f76e1a04900bf64913a3dbc3584f85efcfe80f08e7d35130cee0ef4205657
crc32: 79B41CCD
md5: 764b749332340810a5bd671ca510b29e
sha1: a12c0938f52db51307177ede6434f77a178205be
sha256: 3b5f76e1a04900bf64913a3dbc3584f85efcfe80f08e7d35130cee0ef4205657
sha512: 10f918702e75d085a93b051d73674396a707235543b0d1fafed16ca87fd5424856e0b12d9a044c00ef0ae7660ecdfd55dc62bbf5b5714b6e3cc035069ad0fda1
ssdeep: 3072:HbP5wnh2CgaiqSuGp2o1ci2yU0WSgnmmCqOFn8PbquWq9ItHq1iitsiFrStgdIAP:HbP6DiqSuGp2hOkbRON8PS6dIaW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11A34AE573AA08BB3D34A553189D5AF3BF3B5ED900F2386876364EB5D5D311D02A3B20A
sha3_384: 668533f6298e274dd3e4216babf4c6f0f3fbdf31f63ee46413dca0041ae6d0e79d7b3320a498d69921f4a3787607beea
ep_bytes: 558bec6aff6880c44200680c52410064
timestamp: 1970-01-01 00:00:00

Version Info:

Comments:
CompanyName: dfgfg
FileDescription: Chess
FileVersion: 1, 0,8 , 1
InternalName: Chess
LegalCopyright: 版权所有(C) 2016
LegalTrademarks: fdgfg
OriginalFilename: Chessdf
PrivateBuild: sdfdf
ProductName: CHINA Chess
ProductVersion: 1, 0, 7, 1
SpecialBuild: gfdgf
Translation: 0x0405 0x04b0

Win32/TrojanDownloader.Agent.CLJ also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader21.56588
MicroWorld-eScan: Trojan.Cud.Gen.1
FireEye: Generic.mg.764b749332340810
McAfee: GenericRXAB-CE!764B74933234
Malwarebytes: Wapomi.Virus.FileInfector.DDS
Zillya: Downloader.Agent.Win32.311519
Sangfor: Downloader.Win32.Agent.Vgle
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Backdoor:Win32/Zlob.180910
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.332340
Cyren: W32/Troj_Obfusc.N.gen!Eldorado
Symantec: SMG.Heur!gen
ESET-NOD32: Win32/TrojanDownloader.Agent.CLJ
APEX: Malicious
ClamAV: Win.Downloader.Zegost-6484584-1
Kaspersky: HEUR:Backdoor.Win32.Generic
BitDefender: Trojan.Cud.Gen.1
NANO-Antivirus: Trojan.Win32.Dwn.edflad
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.10b35e14
TACHYON: Backdoor/W32.Agent.237568.DD
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Dldr.Agent.nynxq
Baidu: Win32.Trojan-Downloader.Agent.bh
VIPRE: Trojan.Cud.Gen.1
TrendMicro: BKDR_ZEGOST.SM22
McAfee-GW-Edition: BehavesLike.Win32.Infected.dm
Trapmine: malicious.high.ml.score
Emsisoft: Trojan.Cud.Gen.1 (B)
SentinelOne: Static AI – Suspicious PE
GData: Trojan.Cud.Gen.1
Jiangmin: Backdoor.Generic.agmb
Google: Detected
Avira: TR/Dldr.Agent.nynxq
Antiy-AVL: Trojan[Backdoor]/Win32.BigBadWolf.a
Arcabit: Trojan.Cud.Gen.1
ZoneAlarm: HEUR:Backdoor.Win32.Generic
Microsoft: TrojanDownloader:Win32/Farfli.F!bit
Cynet: Malicious (score: 100)
AhnLab-V3: Backdoor/Win.Zegost.C4718024
Acronis: suspicious
VBA32: Backdoor.Farfli
MAX: malware (ai score=84)
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: BKDR_ZEGOST.SM22
Rising: Backdoor.Generic!8.CE (TFE:5:kRB0p23aNaL)
Ikarus: Trojan-Downloader.Win32.Farfli
MaxSecure: Trojan.Malware.7175197.susgen
Fortinet: W32/Agent.CGT!tr
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/TrojanDownloader.Agent.CLJ?

Win32/TrojanDownloader.Agent.CLJ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
