
Win32/TrojanDropper.Agent.RPR removal instructions


Win32/TrojanDropper.Agent.RPR is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/TrojanDropper.Agent.RPR virus do?

  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Win32/TrojanDropper.Agent.RPR?


File Info:

name: 0D05CCD35F291FAD1DB6.mlw
path: /opt/CAPEv2/storage/binaries/e149c850e055a3d4431e79e4da42d43ce059e9ff2da3b0f7beeee4d9afc6bff2
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2003-04-06 20:28:56

Version Info:

ProductName: WinRAR
CompanyName: Alexander Roshal
FileDescription: WinRAR archiver
FileVersion: 4.1.0
ProductVersion: 4.1.0
InternalName: WinRAR
LegalCopyright: Copyright © Alexander Roshal 1993-2011
OriginalFilename: WinRAR.exe
Translation: 0x0000 0x0000

Win32/TrojanDropper.Agent.RPR also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.GenericKD.44358120
CAT-QuickHeal: Trojan.Mauvaise.SL1
McAfee: GenericRXES-BC!0D05CCD35F29
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Dropper.Agent.Win32.265611
Sangfor: Virus_Suspicious.Win32.Sality.gen
K7AntiVirus: Trojan ( 0052ee471 )
K7GW: Trojan ( 0052ee471 )
Cybereason: malicious.35f291
Cyren: W32/S-940fb6f7!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/TrojanDropper.Agent.RPR
APEX: Malicious
ClamAV: Win.Malware.Bskd-9753126-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.GenericKD.44358120
NANO-Antivirus: Trojan.Win32.Drop.dzkctr
SUPERAntiSpyware: Trojan.Agent/Gen-Dropper
Avast: Win32:Evo-gen [Trj]
Tencent: Malware.Win32.Gencirc.10bb7b81
Emsisoft: Trojan.GenericKD.44358120 (B)
F-Secure: Trojan.TR/Taranis.1172
DrWeb: Trojan.MulDrop7.62214
VIPRE: Trojan.GenericKD.44358120
TrendMicro: Trojan.Win32.SALGOREA.SMLV
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.0d05ccd35f291fad
Sophos: Troj/Agent-BAII
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.44358120
Jiangmin: Backdoor.Generic.bizo
Google: Detected
Avira: TR/Taranis.1172
MAX: malware (ai score=82)
Antiy-AVL: Trojan[Dropper]/Win32.Agent
Xcitium: TrojWare.Win32.Salgorea.RPR@7tcxjx
Arcabit: Trojan.Generic.D2A4D9E8
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Salgorea.VRR!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Salgorea.R359619
BitDefenderTheta: Gen:NN.ZexaF.36250.or0@ai6TMbpi
ALYac: Trojan.GenericKD.44358120
TACHYON: Trojan/W32.Agent.1278464.AK
VBA32: BScope.Trojan.MulDrop
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Trojan.Win32.SALGOREA.SMLV
Rising: Trojan.Agent!1.B332 (CLASSIC)
Yandex: Trojan.GenAsa!ifN17ukYM7U
Ikarus: Trojan.Win32.Salgorea
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Agent.RPR!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Win32/TrojanDropper.Agent.RPR?

Win32/TrojanDropper.Agent.RPR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
