Trojan.Agent.BKUA
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 13,021 |
| Threat Level: | 80 % (High) |
| Infected Computers: | 67 |
| First Seen: | April 3, 2023 |
| Last Seen: | February 20, 2026 |
| OS(es) Affected: | Windows |
Table of Contents
Analysis Report
General information
| Family Name: | Trojan.Agent.BKUA |
|---|---|
| Signature status: | No Signature |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
073a9c9c6d63b066d9e3c2653436133a
SHA1:
93c79b47b50d6269721fab0f347e8fdfe32d5c92
SHA256:
64AA5A3D1C0FB4132474ED823DE368CDBCE2E1E2520B059BEB3D1C444DD0FCE8
File Size:
4.24 MB, 4239616 bytes
|
|
MD5:
6c1175bf671c7c30bed199dc5f2a03d4
SHA1:
34a1cd24da156640e3edb50eba85c316fedfe704
SHA256:
6EC613AE8E9EAD7D9F3E2D9C5F10A23E080E95DA7AEA1CF71AE0FE75FDDBBB63
File Size:
4.24 MB, 4236544 bytes
|
|
MD5:
cabe535b055d699d3e920af8b2a1006f
SHA1:
f057a46d8a6d15e9dc53acb5278e9bbc67297d77
SHA256:
07F3F76B32C1DC4E84CD6A396C41F84E1C129585F8ABC21B279A60DC6BA06690
File Size:
4.24 MB, 4239616 bytes
|
|
MD5:
474b2c1d0d71aa030847822a2462ad8a
SHA1:
1761adf9d9ad32afb21ccf87cb38075934c0bca3
SHA256:
347CB504E269D700825D25A38E0B0C2922393F742541CB0453A7032E67E5F51B
File Size:
4.44 MB, 4438784 bytes
|
|
MD5:
e0866e74d8f57af75841424325af980b
SHA1:
b190d96940859b09121c1100953aafb7050f733c
SHA256:
AF9B6D97D79B03CEC7B948D60B4F3A7CF79A9A4B41730B107A5BC9ED5BC50277
File Size:
4.14 MB, 4135168 bytes
|
Show More
|
MD5:
bf1584c184daa0916d2d606e534c31e0
SHA1:
ddfd5a181c0b0a67f49952265f0155ef5192d88f
SHA256:
FBDB35052BA3F5DAF5902965EF258AF2CEEA725C45160BB5D17EBCF6677123FE
File Size:
4.29 MB, 4290304 bytes
|
|
MD5:
0a1d50e68c70a911880feec3928de0c5
SHA1:
26105f6d8badfeb63ee14cf089b716905a5426a3
SHA256:
FB7814E200B0C20E34E4C35F46D8199C7D0E9CBABE715165344C7681B6062315
File Size:
4.29 MB, 4290304 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have exports table
- File doesn't have security information
- File has TLS information
- File is 64-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
Show More
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
Windows PE Version Information
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.| Name | Value |
|---|---|
| Company Name |
|
| File Description |
|
| File Version |
|
| Internal Name |
|
| Legal Copyright |
|
| Original Filename |
|
| Product Name |
|
| Product Version |
|
File Traits
- big overlay
- HighEntropy
- x64
Block Information
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.| Total Blocks: | 191 |
|---|---|
| Potentially Malicious Blocks: | 29 |
| Whitelisted Blocks: | 161 |
| Unknown Blocks: | 1 |
Visual Map
? - Unknown Block
x - Potentially Malicious Block
