How to remove “WinGo/HackTool.Agent.AB”?

WinGo/HackTool.Agent.AB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the WinGo/HackTool.Agent.AB virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify WinGo/HackTool.Agent.AB?

File Info:

name: C4C4E1957DFA12138110.mlw
path: /opt/CAPEv2/storage/binaries/3df180d321a931c770792d60c131e87d3aa8be215e15f0ca7f371db3d737c3e5
crc32: 2EF8B085
md5: c4c4e1957dfa12138110bf9fcfb18479
sha1: 955cee0e84dec5c485eb3eee2102f392110b2c14
sha256: 3df180d321a931c770792d60c131e87d3aa8be215e15f0ca7f371db3d737c3e5
sha512: d81e8aa2ff0176cb8762341d6ae7945a59e0efb8e6500e55bbfd560e4d8e962a22324991fdf275a1125b20523c0cb72dd0b89993e3b3d95dd274f4e415290d74
ssdeep: 98304:yNn7BalLj01johoErm0Joh9Y4uurdeTG+oA4KzwcNh6+:Y1YgJ4S0c6oABzw6hn
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T10E2633EC9B224163E5B6C53DF3518C16F817113614D9616BBF7CDA4A02BA7A0398CF2B
sha3_384: dac6a75c2d425409bea351ececc82a905f6c113276299d2b0473aea5987f6b47a6c2f1e2520b3fc8a3ea5ce50b33ec5b
ep_bytes: 60be15c024018dbeeb4f1bff5783cdff
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

WinGo/HackTool.Agent.AB also known as:

Cylance: Unsafe
Alibaba: Exploit:Win32/Generic.3f47cf8d
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: a variant of WinGo/HackTool.Agent.AB
APEX: Malicious
Kaspersky: HEUR:Exploit.Win32.MS17-010.gen
Tencent: Win32.Hacktool.Agent.Szlc
Sophos: Generic ML PUA (PUA)
Comodo: Malware@#q2d1essu0ma3
McAfee-GW-Edition: BehavesLike.Win32.Morefi.rc
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Wacatac.C4190983
Malwarebytes: Malware.Heuristic.1003
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZexaF.34742.@pGfaelJztm
CrowdStrike: win/malicious_confidence_100% (W)

How to remove WinGo/HackTool.Agent.AB?

WinGo/HackTool.Agent.AB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.