About “WinGo/TrojanDownloader.Agent.AB” infection

WinGo/TrojanDownloader.Agent.AB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the WinGo/TrojanDownloader.Agent.AB virus do?

  • Attempts to connect to a dead IP:Port (2 unique times)
  • Presents an Authenticode digital signature
  • Performs some HTTP requests
  • Uses Windows utilities for basic functionality
  • Generates some ICMP traffic

Related domains:

baidu.com
flashdownloadserver.oss-cn-hongkong.aliyuncs.com

How to identify WinGo/TrojanDownloader.Agent.AB?

File Info:

crc32: 4466E6EE
md5: f42a95b5dac97e7dfca289d6068c64e2
name: F42A95B5DAC97E7DFCA289D6068C64E2.mlw
sha1: 706b167081311af2717a3a0e8384edfa4bae5820
sha256: c11906210465045a54a5de1053ce0624308a8c7b342bb707a24e534ca662dc89
sha512: d2842156f5a691e983ee6bc448ba544f430b0448c90170e366626035f3d3a32f6a207c276c19f4f7d808a9c5fdc3cb2e58b0d8aa0d47d9453be38837d3da0d6e
ssdeep: 49152:j/QlJmmEeBMZ7NK8gzQLcb2IDBc1qIxddntTl7HhMRpPS8HBx8xwIGjg+ARDTjzy:j/uvEeecbFDBsd5tTlr4H/q+AdG
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:

0: [No Data]

WinGo/TrojanDownloader.Agent.AB is also known as:

DrWeb: Trojan.DownLoader40.37744
ALYac: Backdoor.Agent.Biopass
Sangfor: Trojan.Win32.Agent.xxzrjf
Cyren: W32/Trojan.GNNF-1585
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of WinGo/TrojanDownloader.Agent.AB
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 99)
Kaspersky: Trojan-Downloader.Win32.Agent.xxzrjf
BitDefender: Trojan.GenericKD.37214542
MicroWorld-eScan: Trojan.GenericKD.37214542
Ad-Aware: Trojan.GenericKD.37214542
Sophos: Mal/Generic-S
Comodo: Malware@#3phznyf4yymcs
TrendMicro: Backdoor.Win32.BIOPASS.A
McAfee-GW-Edition: Artemis!Trojan
FireEye: Trojan.GenericKD.37214542
Emsisoft: Trojan.GenericKD.37214542 (B)
Webroot: W32.Trojan.Biopass
Avira: TR/Redcap.jjbfv
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Microsoft: Trojan:Win32/Glupteba!ml
Arcabit: Trojan.Generic.D237D94E
ZoneAlarm: Trojan-Downloader.Win32.Agent.xxzrjf
GData: Trojan.GenericKD.37214542
McAfee: GenericRXAA-AA!F42A95B5DAC9
MAX: malware (ai score=83)
Malwarebytes: Malware.AI.1957324561
TrendMicro-HouseCall: Backdoor.Win32.BIOPASS.A
Ikarus: Trojan.Win64.Ranumbot
AVG: Win32:Malware-gen
Qihoo-360: Win32/TrojanDownloader.Generic.HgIASYMA

How to remove WinGo/TrojanDownloader.Agent.AB?

WinGo/TrojanDownloader.Agent.AB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
