Win32/TrojanDownloader.Agent.FXF (file analysis)

Win32/TrojanDownloader.Agent.FXF is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanDownloader.Agent.FXF virus do?

  • Unconventional language used in binary resources: Arabic (Oman)
  • Authenticode signature is invalid

How to identify Win32/TrojanDownloader.Agent.FXF?

File Info:

name: 526B0C8A6B9E8CB984BB.mlw
path: /opt/CAPEv2/storage/binaries/83a0838ce422cf0354914df7efde5aeadb19cbc84ee315725de96237df2a36aa
crc32: FFA29903
md5: 526b0c8a6b9e8cb984bbde90853d1181
sha1: d7c099c464e0448a0054f7bb4aa30673764b00a1
sha256: 83a0838ce422cf0354914df7efde5aeadb19cbc84ee315725de96237df2a36aa
sha512: bb8c75df68130972d4fff94c15f36b007423cd71367e2412ee2c1e5ac833775ccce2bc81583034d1d5ecc6182a217dc712baa28daa07f6df45d4339904cff97d
ssdeep: 12288:1wRQmGcWBCu+mPjhqb7/J2xnwIjmTbpj:1wRQdtqb7CwDp
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C8B43960A310E3B1F19709FE51A65FB939281838CB98FCEBAF905D05E6241DD727127E
sha3_384: c83ee27a54580ad3624771adc8d3eba7d66e79865b6d2c9246b67ecb1d6c99be8959e9c4ddc20ca5f54d913b0949147d
ep_bytes: e876050000e97afeffff3b0d14504200
timestamp: 2021-09-16 13:14:59

Version Info:

CompanyName: Line1 Street
FileDescription: Line1 Street
FileVersion: 73.15.10.5
InternalName: Line1 Street.exe
LegalCopyright: Copyright (C) 2021 Line1
OriginalFilename: Line1 Street.exe
ProductName: Line1 Street
ProductVersion: 73.15.10.5
Translation: 0x0409 0x04b0

Win32/TrojanDownloader.Agent.FXF also known as:

Bkav: W32.AIDetect.malware2
Lionic: Heuristic.File.Generic.00x1!p
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Zusy.401340
ClamAV: Win.Malware.Bulz-9955173-0
FireEye: Generic.mg.526b0c8a6b9e8cb9
CAT-QuickHeal: Trojan.RelineRI.S23757128
McAfee: GenericRXAA-AA!526B0C8A6B9E
Cylance: Unsafe
VIPRE: Gen:Variant.Zusy.401340
Sangfor: Infostealer.Win32.Reline.Vzug
K7AntiVirus: Trojan-Downloader ( 005828b31 )
Alibaba: TrojanDownloader:Win32/SmallAgent.cc248c8f
K7GW: Trojan-Downloader ( 005828b31 )
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.FXF
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-PSW.Win32.Reline.gen
BitDefender: Gen:Variant.Zusy.401340
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
Avast: Win32:MalwareX-gen [Trj]
Tencent: Win32.Trojan-Downloader.Oader.Hajl
Ad-Aware: Gen:Variant.Zusy.401340
Sophos: Mal/Generic-S
Comodo: Malware@#2tis2chucpf3b
DrWeb: Trojan.PWS.Stealer.30999
TrendMicro: TROJ_GEN.R011C0GIO21
McAfee-GW-Edition: BehavesLike.Win32.Emotet.hh
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Zusy.401340 (B)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Zusy.401340
Jiangmin: Trojan.PSW.Reline.eq
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1213150
Antiy-AVL: Trojan/Generic.ASMalwS.66F8
Kingsoft: Win32.PSWTroj.Undef.(kcloud)
Arcabit: Trojan.Zusy.D61FBC
Microsoft: TrojanDownloader:Win32/SmallAgent.AN!MTB
Google: Detected
AhnLab-V3: Dropper/Win.Mudrop.C4611786
Acronis: suspicious
VBA32: BScope.Trojan.Sabsik.FL
ALYac: Gen:Variant.Zusy.401340
MAX: malware (ai score=100)
Malwarebytes: Trojan.Downloader
TrendMicro-HouseCall: TROJ_GEN.R011C0GIO21
Rising: Downloader.Agent!1.D93C (CLASSIC)
Yandex: Trojan.DL.Agent!3qvO4vE/R14
MaxSecure: Trojan.Malware.107509306.susgen
Fortinet: W32/Reline.FXF!tr.pws
BitDefenderTheta: Gen:NN.ZexaF.34698.Hu0@a4xgKRiO
AVG: Win32:MalwareX-gen [Trj]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/TrojanDownloader.Agent.FXF?

Win32/TrojanDownloader.Agent.FXF removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.