Worm.BAT.Agent.dp malicious file

Many security experts consider Worm.BAT.Agent.dp dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm.BAT.Agent.dp virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Russian
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes executed files from disk
  • Anomalous binary characteristics

How to identify Worm.BAT.Agent.dp?


File Info:

name: 03388BF42B921B6B81A2.mlw
path: /opt/CAPEv2/storage/binaries/98aae18df45e71594a511d27a7e062d1b319f0300d5da1eec59c059060ab90fe
crc32: E5E66288
md5: 03388bf42b921b6b81a2e88270de834d
sha1: a629b8e657954b210925b822ecd4daff68099215
sha256: 98aae18df45e71594a511d27a7e062d1b319f0300d5da1eec59c059060ab90fe
sha512: f68112814512d502c0f2270ddbaacc1906dfdeb0b271ebf66dc42dfc67704d3cc6f054d0f82e37d71166a9096fb5574175e4513345c66ff7d77aaa44486b1537
ssdeep: 393216:6nPyurFd3wkMZbGHIgqcktFQS+iD5E4WGS7Up:yaqQhkpwFQMD5cGS7Up
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C5D63360F8EA57BAEAFA217664097A7CF0C98C58D7025887F1885607ED740CDC82E57F
sha3_384: 64520eb1406de72723ffb62beebf9012116ee81baae6c2fb81acf8da616c9049c3ce0923f088f40552482c113b894fdc
ep_bytes: 558bec6aff68505e410068702f410064
timestamp: 2012-05-10 08:33:52

Version Info:

CompanyName: Sysinternals - www.sysinternals.com
FileDescription: Sysinternals Process Explorer
FileVersion: 16.05
InternalName: Process Explorer
LegalCopyright: Copyright © 1998-2014 Mark Russinovich
LegalTrademarks: Copyright (C) 1998-2014 Mark Russinovich
OriginalFilename: Procexp.exe
ProductName: Process Explorer
ProductVersion: 16.05
Translation: 0x0409 0x04e4

Worm.BAT.Agent.dp also known as:

Cylance: Unsafe
K7AntiVirus: Trojan ( 005587be1 )
K7GW: Trojan ( 005587be1 )
Cyren: W32/Skeeyah.V.gen!Eldorado
Elastic: malicious (moderate confidence)
ESET-NOD32: multiple detections
ClamAV: Win.Malware.Pterodo-9849653-0
Kaspersky: Worm.BAT.Agent.dp
Avast: Win32:Evo-gen [Trj]
Sophos: Generic ML PUA (PUA)
Comodo: Packed.Win32.MUPX.Gen@24tbus
Jiangmin: Worm.BAT.ec
Google: Detected
Avira: BDS/Agent.nsnlo
Cynet: Malicious (score: 99)
AhnLab-V3: Malware/Win.Malware-gen.R493665
Malwarebytes: Malware.AI.2198291610
Yandex: Trojan.Pterodo!r1XmhmyiEK4
Ikarus: Worm.BAT.Agent
Fortinet: BAT/Agent.NFI!worm
AVG: Win32:Evo-gen [Trj]

How to remove Worm.BAT.Agent.dp?

Worm.BAT.Agent.dp removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
