How to remove “Win64/Agent.MU”?

Win64/Agent.MU is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win64/Agent.MU virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win64/Agent.MU?

File Info:

name: B6F1CBFA0D1F93A72557.mlw
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2021-06-06 05:55:49

Version Info:

CompanyName: NVIDIA Corporation
FileDescription: NVIDIA Container
InternalName: NvContainer
LegalCopyright: (C) 2016-2020 NVIDIA Corporation. All rights reserved.
OriginalFilename: NvContainer.exe
ProductName: NVIDIA Container
ProductVersion: gcomp_dev 28519944
Translation: 0x0009 0x04b0

Win64/Agent.MU also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.37363197
FireEye: Generic.mg.b6f1cbfa0d1f93a7
ALYac: Trojan.GenericKD.37363197
Cylance: Unsafe
Sangfor: Riskware.Win32.Wacapew.C
K7AntiVirus: Trojan ( 0056ce061 )
Alibaba: Trojan:Win64/Generic.1776bb67
K7GW: Trojan ( 0056ce061 )
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of Win64/Agent.MU
TrendMicro-HouseCall: TROJ_GEN.R011H0CH921
Kaspersky: Trojan.Win32.Agent.xakoxb
BitDefender: Trojan.GenericKD.37363197
Avast: Win64:Trojan-gen
Ad-Aware: Trojan.GenericKD.37363197
Sophos: Generic PUA LK (PUA)
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win64.BadFile.cm
Emsisoft: Trojan.GenericKD.37363197 (B)
GData: Trojan.GenericKD.37363197
Avira: TR/Agent.bpopa
MAX: malware (ai score=85)
Arcabit: Trojan.Generic.D23A1DFD
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!B6F1CBFA0D1F
Ikarus: Trojan.Win64.Agent
Fortinet: Malicious_Behavior.SB
AVG: Win64:Trojan-gen

How to remove Win64/Agent.MU?

Win64/Agent.MU removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
