Win32/TrojanDownloader.Agent.EZI information

The Win32/TrojanDownloader.Agent.EZI is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/TrojanDownloader.Agent.EZI virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Win32/TrojanDownloader.Agent.EZI?


File Info:
name: 0D7EA0671AEC741E334C.mlw
path: /opt/CAPEv2/storage/binaries/afb4c4b656d06138401a6c3a7d2077a97c8372c9573b686d749e49ecdd29dff2
crc32: 1D1BCF31
md5: 0d7ea0671aec741e334ced34a99b781d
sha1: df8442f952c5022ad10947f72ee485d19d0cade7
sha256: afb4c4b656d06138401a6c3a7d2077a97c8372c9573b686d749e49ecdd29dff2
sha512: 34335584f596e43db09f8d40117cc6b8ef85d80b06ac70b4647f7a42a35c664cca5384cfd65a65a110f219754ffff2a890060d75594238cb873e1c88950b48fb
ssdeep: 12288:CmkS46dq+qYAXYQtMM+mXcwxuJxP6/cGie6Ej9//k/rTcPcYYYgYYYYYYYgYYYYe:CzS4M3MpMMvfd9bj9//k//Ic
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T11AD4AF13B541C077E93508325535AA3901BFBD329EA446CBBBD4BF3DC9B61C18627A2B
sha3_384: a4249c1f823a79c3794432d3d56fa22843b47f1ef3e5d33886b56db51c43ca6c9eecd8755fe6032f2777155c15acf010
ep_bytes: e809080000e974feffff8b4df464890d
timestamp: 2020-06-13 09:33:22

Version Info:
0: [No Data]

Win32/TrojanDownloader.Agent.EZI also known as:

Lionic	Trojan.Win32.Convagent.a!c
MicroWorld-eScan	Trojan.GenericKD.43878380
ALYac	Trojan.GenericKD.43878380
Cylance	Unsafe
Sangfor	Trojan.Win32.Convagent.gen
K7AntiVirus	Trojan-Downloader ( 0056356f1 )
Alibaba	TrojanDownloader:Win32/AutoG.ddaf61f5
K7GW	Trojan-Downloader ( 0056356f1 )
Cybereason	malicious.71aec7
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/TrojanDownloader.Agent.EZI
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Dropper.Pwshell-9811893-0
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Trojan.GenericKD.43878380
NANO-Antivirus	Trojan.Win32.Zusy.hvscwp
Avast	Win32:DropperX-gen [Drp]
Tencent	Malware.Win32.Gencirc.11ac48c9
Ad-Aware	Trojan.GenericKD.43878380
Emsisoft	Trojan.GenericKD.43878380 (B)
Zillya	Downloader.Agent.Win32.410443
TrendMicro	TROJ_GEN.R002C0PAE22
McAfee-GW-Edition	BehavesLike.Win32.MultiPlug.jh
FireEye	Generic.mg.0d7ea0671aec741e
Sophos	Troj/AutoG-JE
SentinelOne	Static AI – Suspicious PE
Webroot	W32.Trojan.Gen
Avira	TR/Dldr.Agent.xloso
MAX	malware (ai score=88)
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Trojan:Win32/Tnega!MSR
Arcabit	Trojan.Generic.D29D87EC
GData	Trojan.GenericKD.43878380
Cynet	Malicious (score: 99)
AhnLab-V3	Dropper/Win.Generic.R434592
McAfee	GenericRXMH-UB!0D7EA0671AEC
VBA32	Trojan.Skeeyah
Malwarebytes	Nimnul.Virus.FileInfector.DDS
TrendMicro-HouseCall	TROJ_GEN.R002C0PAE22
Rising	Downloader.Agent!8.B23 (CLOUD)
Ikarus	Trojan-Downloader.Win32.Agent
MaxSecure	Trojan.Malware.7175239.susgen
Fortinet	W32/Agent.EZI!tr.dldr
BitDefenderTheta	Gen:NN.ZexaF.34638.MuW@aiNki4di
AVG	Win32:DropperX-gen [Drp]
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Win32/TrojanDownloader.Agent.EZI?

Win32/TrojanDownloader.Agent.EZI removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X