Trojan.Agent.JCA

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 8,852
Threat Level: 80% (High)
Infected Computers: 245
First Seen: March 3, 2023
Last Seen: December 5, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Agent.JCA
Signature status: Root Not Trusted

Known Samples

MD5: ff6d9e2488bcd9b60e1a34726c9c9133
SHA1: 877ae5f16dc5ec869b58f8f51f6b07ec39ad7e68
SHA256: 841C44FC2E7432D0755DCA9298E752D2390A3D74986C9E9F2C948A1708D90897
File Size: 2.24 MB, 2241998 bytes

MD5: 6a9849264bb71163cc9e76b9389fcd23
SHA1: 5399f8bcd8410bb54231e3c9ad81fb467f63d4eb
SHA256: 0C31A059133C54ACE4EB5EFEBC1D6CE7ADC3D98F3489C851AFA5AA9A9A545557
File Size: 8.48 MB, 8484648 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have resources
  • File doesn't have security information
  • File has TLS information
  • File is 32-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Digital Signatures

Signer: Stijn Volckaert
Root: Sectigo Public Code Signing Root R46
Status: Root Not Trusted

File Traits

  • big overlay
  • No Version Info
  • WriteProcessMemory
  • x86

Similar Families

  • Agent.EW
  • Agent.JCA
  • Agent.JG
  • Redline.EG
  • Redline.EGA

Files Modified

File | Attributes
c:\users\user\appdata\local\temp\nsr9193.tmp\modern-wizard.bmp | Generic Write, Read Attributes
c:\users\user\appdata\local\temp\nsr9193.tmp\modern-wizard.bmp | Synchronize, Write Attributes
c:\users\user\appdata\local\temp\nsr9193.tmp\nsdialogs.dll | Generic Write, Read Attributes

Windows API Usage

Category | API
Process Manipulation Evasion | NtUnmapViewOfSection
Anti Debug | IsDebuggerPresent
User Data Access | GetUserObjectInformation
