Win32/TrojanDownloader.Agent.CSU (file analysis)

Win32/TrojanDownloader.Agent.CSU is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanDownloader.Agent.CSU virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
bai2.tlbxsj.com
a.tomx.xyz

How to determine Win32/TrojanDownloader.Agent.CSU?


File Info:

crc32: F1E1844E
md5: cacdc561bd6cb194650b05469a3ddf99
name: Net.dll
sha1: 7e23a93b126692180df1bc5c6ca6173bfacc67e7
sha256: 78a53ea749d7203aee3b41b1d237e59ff433eabddc79bb15d68bc38ed660dbb6
sha512: e1d2e7867a007f34fd1a013d8ca5222fbd39f1346413cf6d6faf8fdce4b40013a9cebdee43fd5543d969db20816b2a26de67c9bb1ea9c5b34ec0823fc872f926
ssdeep: 768:VHVXMJBLwleoR2RV/DsHkRnM4jFq+xmyyVk93FJT3vE2boGAr:Gw4oRS/IENM7yyVkJTjoGQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: 版权所有(C) 2015
InternalName:
FileVersion: 1, 0, 0, 1
CompanyName:
PrivateBuild:
LegalTrademarks:
Comments:
ProductName:
SpecialBuild:
ProductVersion: 1, 0, 0, 1
FileDescription:
OriginalFilename: Net.dll
Translation: 0x0804 0x04b0

Win32/TrojanDownloader.Agent.CSU also known as:

McAfee: Artemis!CACDC561BD6C
Symantec: Trojan.Gen.2
Avast: Win32:Evo-gen [Susp]
Kaspersky: HEUR:Trojan-Downloader.Win32.Generic
McAfee-GW-Edition: BehavesLike.Win32.Downloader.lm
Sophos: Mal/Generic-S
Endgame: malicious (high confidence)
ZoneAlarm: HEUR:Trojan-Downloader.Win32.Generic
Microsoft: Trojan:Win32/Dynamer!ac
AhnLab-V3: Malware/Gen.Generic.C1043719
VBA32: suspected of Trojan.Downloader.gen.h
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.CSU
Ikarus: Trojan-Downloader.Win32.AirJP
Fortinet: W32/Agent.CSU!tr.dldr
AVG: Generic_r.IYX
Panda: Trj/Genetic.gen
CrowdStrike: malicious_confidence_89% (D)

How to remove Win32/TrojanDownloader.Agent.CSU?

Win32/TrojanDownloader.Agent.CSU removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
