Threat Database Trojans Trojan.Agent.GFSD

Trojan.Agent.GFSD

By CagedTech in Trojans

Table of Contents

Analysis Report

General information

Family Name:	Trojan.Agent.GFSD
Signature status:	No Signature

Known Samples

MD5: f1681d39644ccd57f5181b819fb0456a

SHA1: 8e968574061156bc3ed79f45d37b795bcaf1439b

SHA256: C7FA04C1919A5A98D8C098A73C99B04352F373E61BF8720DE1B255FA615F944E

File Size: 32.26 KB, 32256 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have exports table
File doesn't have security information
File is 64-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

dll
ntdll
VirtualQueryEx
WriteProcessMemory
x64

Block Information

Total Blocks:	104
Potentially Malicious Blocks:	4
Whitelisted Blocks:	100
Unknown Blocks:	0

Visual Map

0 0 0 0 0 x x 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 2 0 0 0 0 0 0 0 0 0

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Windows API Usage

Category

API

Syscall Use

ntdll.dll!NtAccessCheck
ntdll.dll!NtAlertThreadByThreadId
ntdll.dll!NtAlpcSendWaitReceivePort
ntdll.dll!NtApphelpCacheControl
ntdll.dll!NtClose
ntdll.dll!NtConnectPort
ntdll.dll!NtCreateSection
ntdll.dll!NtDuplicateToken
ntdll.dll!NtFreeVirtualMemory
ntdll.dll!NtMapViewOfSection

Show More

ntdll.dll!NtOpenFile
ntdll.dll!NtOpenKey
ntdll.dll!NtOpenKeyEx
ntdll.dll!NtOpenProcessToken
ntdll.dll!NtOpenProcessTokenEx
ntdll.dll!NtOpenSection
ntdll.dll!NtOpenThreadTokenEx
ntdll.dll!NtProtectVirtualMemory
ntdll.dll!NtQueryAttributesFile
ntdll.dll!NtQueryDebugFilterState
ntdll.dll!NtQueryInformationProcess
ntdll.dll!NtQueryInformationThread
ntdll.dll!NtQueryInformationToken
ntdll.dll!NtQueryKey
ntdll.dll!NtQueryPerformanceCounter
ntdll.dll!NtQuerySecurityAttributesToken
ntdll.dll!NtQueryValueKey
ntdll.dll!NtQueryVirtualMemory
ntdll.dll!NtQueryVolumeInformationFile
ntdll.dll!NtReleaseWorkerFactoryWorker
ntdll.dll!NtRequestWaitReplyPort
ntdll.dll!NtSetEvent
ntdll.dll!NtSetInformationProcess
ntdll.dll!NtSetInformationVirtualMemory
ntdll.dll!NtSetInformationWorkerFactory
ntdll.dll!NtTestAlert
ntdll.dll!NtTraceControl
ntdll.dll!NtUnmapViewOfSection
ntdll.dll!NtWaitForAlertByThreadId
ntdll.dll!NtWaitForSingleObject
ntdll.dll!NtWaitForWorkViaWorkerFactory
ntdll.dll!NtWaitLowEventPair
ntdll.dll!NtWriteFile
UNKNOWN

Trending

Trojan.Agent.LFB

December 24, 2025

Analysis Report General information Family Name: Trojan.Agent.GFSD Signature status: No Signature Known Samples i Known Samples This section lists other file samples believed to be associated with...

Trojan.PrintSpoofer.D

January 16, 2026

Analysis Report General information Family Name: Trojan.Agent.GFSD Signature status: No Signature Known Samples i Known Samples This section lists other file samples believed to be associated with...

Trojan.Agent.IFSC

October 29, 2025

Analysis Report General information Family Name: Trojan.Agent.GFSD Signature status: No Signature Known Samples i Known Samples This section lists other file samples believed to be associated with...

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

June 29, 2021 44,184

Printers are notorious for refusing to do their job whenever the user needs it the most. Luckily, if your printer is displaying the Printer Driver is Unavailable' error, then there are a couple of...

Discord Shows Black Screen when Sharing Screen screenshot

Discord Shows Black Screen when Sharing Screen

June 21, 2021 34,072

When it first launched, Discord was a VoIP platform geared toward the gaming community. However, in the following years, it expanded its scope, added numerous new features, and became one of the...

How to Fix 'macOS cannot verify that this app is...

November 15, 2021 32,570

Mac users usually encounter the 'macOS cannot verify that this app is free from malware' message while trying to install applications from unknown developers or ones that are not available on the...

Loading...