Trojan.Agent.XYB

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 6,002
Threat Level: 80 % (High)
Infected Computers: 40
First Seen: July 31, 2024
Last Seen: April 23, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Agent.XYB
Signature status: Self Signed

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have resources
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Digital Signatures

Signer | Root | Status
*.bleacherreport.com | *.bleacherreport.com | Self Signed
1575d9b8.sni.cloudflaressl.com | 1575d9b8.sni.cloudflaressl.com | Self Signed
postman.com | postman.com | Self Signed
softportal.com | softportal.com | Self Signed
thesaurus.com | thesaurus.com | Self Signed
www.dress.com | www.dress.com | Self Signed
www.glass.com | www.glass.com | Self Signed
www.gulliver.com | www.gulliver.com | Self Signed

File Traits

  • golang
  • HighEntropy
  • No Version Info
  • x86

Block Information

Total Blocks: 874
Potentially Malicious Blocks: 2
Whitelisted Blocks: 872
Unknown Blocks: 0

Similar Families

  • Agent.OSA
  • Agent.OSH
  • Agent.OSK
  • Agent.XYB
  • ClipBanker.DRA
  • ClipBanker.PDB

Windows API Usage

Category | API
Anti Debug | IsDebuggerPresent
User Data Access | GetUserObjectInformation
