Win32/TrojanDownloader.Agent.EDT removal

Win32/TrojanDownloader.Agent.EDT is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanDownloader.Agent.EDT virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32/TrojanDownloader.Agent.EDT?


File Info:

name: 1999A718FB9BCF3C5B3E.mlw
path: /opt/CAPEv2/storage/binaries/74cfe036a8c13fbf36e22ffd614818964c2c26968ec55f930d2af897ed70bb45
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-08-13 20:00:32

Version Info:

InternalName: Flatbed923027
FileDescription: Froyo Enable Mellon Spooler Eliminating Sdk
Comments: Froyo Enable Mellon Spooler Eliminating Sdk
LegalCopyright: Copyright ©. ZocDoC
FileVersion: 7.2.6.9
CompanyName: ZocDoC
PrivateBuild: 7.2.6.9
OriginalFilename: Flatbed923027.exe
ProductName: Flatbed923027
ProductVersion: 7.2.6.9
Translation: 0x0409 0x04b0

Win32/TrojanDownloader.Agent.EDT also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Yakes.4!c
DrWeb: Trojan.DownLoader26.62702
MicroWorld-eScan: Trojan.GenericKD.49177291
FireEye: Generic.mg.1999a718fb9bcf3c
CAT-QuickHeal: Trojan.Mauvaise.SL1
ALYac: Trojan.Yakes.Gen
Cylance: Unsafe
Sangfor: Trojan.Win32.Skeeyah.A
K7AntiVirus: Trojan-Downloader ( 0053c47b1 )
Alibaba: TrojanDownloader:Win32/Yakes.5b61e6ea
K7GW: Trojan-Downloader ( 0053c47b1 )
Cybereason: malicious.8fb9bc
BitDefenderTheta: Gen:NN.ZexaE.34742.Lq1@aq51Jmbi
Cyren: W32/Trojan.YHGL-3694
Elastic: malicious (high confidence)
ESET-NOD32: Win32/TrojanDownloader.Agent.EDT
TrendMicro-HouseCall: TROJ_FRS.0NA103E820
Paloalto: generic.ml
ClamAV: Win.Trojan.CobInt-6699268-0
Kaspersky: Trojan.Win32.Yakes.wypf
BitDefender: Trojan.GenericKD.49177291
NANO-Antivirus: Trojan.Win32.Yakes.fhoetl
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.114d2aa8
Ad-Aware: Trojan.GenericKD.49177291
Emsisoft: Trojan.GenericKD.49177291 (B)
Comodo: Malware@#2oddm3xrlilkt
Zillya: Trojan.GenericKD.Win32.157103
TrendMicro: TROJ_FRS.0NA103E820
McAfee-GW-Edition: GenericRXGH-XI!1999A718FB9B
Sophos: Mal/Generic-S
Ikarus: Trojan-Downloader.Win32.Agent
Jiangmin: Trojan.Yakes.aarg
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1209434
Kingsoft: Win32.Troj.Yakes.wy.(kcloud)
Microsoft: PUAAdvertising:Win32/LoadMoney
ViRobot: Trojan.Win32.S.Agent.619427
GData: Trojan.GenericKD.49177291
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Yakes.C2665109
McAfee: GenericRXGH-XI!1999A718FB9B
VBA32: BScope.Trojan.Yakes
Malwarebytes: Malware.AI.985928375
Rising: Downloader.Agent!8.B23 (CLOUD)
Yandex: Trojan.Yakes!Znzqrf06s4o
MaxSecure: Trojan.Malware.73657078.susgen
Fortinet: W32/Agent.EDT!tr.dldr
AVG: Win32:Malware-gen
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/TrojanDownloader.Agent.EDT?

Win32/TrojanDownloader.Agent.EDT removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.