Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Threats Trojan-Clicker Win32

Trojan-Clicker.Win32.Agent.cimb

Update Date
06/17/2026

Class: Trojan-Clicker

Programs classified as Trojan-Clicker are designed to access Internet resources (usually web pages). This is done either by sending appropriate commands to the browser or by replacing system files that provide “standard” addresses for Internet resources (such as the Windows hosts file). A malicious user may use Trojan-Clicker programs to: increase the number of visits to certain sites in order to boost the number of hits for online ads conduct a DoS (Denial of Service) attack on a particular server lead potential victims to viruses or Trojans.

Read more

Platform: Win32

Win32 is an API on Windows NT-based operating systems (Windows XP, Windows 7, etc.) that supports execution of 32-bit applications. One of the most widespread programming platforms in the world.

Family: Trojan-Clicker.Win32.Agent

No family description

Examples

4A9588E6A0B503F1A1536C3ED53D19DF
EE7069D912CA914B769416C7C0F8CEBE
FB3CC220001D37C7EC3C08555EAA0374

Tactics and Techniques: Mitre*

TA0005
Defense Evasion
The adversary is trying to avoid being detected. Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics' techniques are cross-listed here when those techniques include the added benefit of subverting defenses.
T1036
Masquerading
Adversaries may attempt to manipulate features of their artifacts to make them appear legitimate or benign to users and/or security tools. Masquerading occurs when the name or location of an object, legitimate or malicious, is manipulated or abused for the sake of evading defenses and observation. This may include manipulating file metadata, tricking users into misidentifying the file type, and giving legitimate task or service names.
T1070.010
Relocate Malware
Once a payload is delivered, adversaries may reproduce copies of the same malware on the victim system to remove evidence of their presence and/or avoid defenses. Copying malware payloads to new locations may also be combined with File Deletion to cleanup older artifacts.

* © 2026 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
22 June 2026
Securelist
A VBScript campaign distributed through WhatsApp deploying RMM software
16 June 2026
Securelist
Dozens of malicious wallpapers found on Steam Workshop: gamers’ accounts at risk
03 June 2026
Securelist
Argamal: Malware hidden in hentai games
02 June 2026
Securelist
Wardriving assessment across Mexico: Preparing for the 2026 World Cup
01 June 2026
Securelist
Containers on fire: from container escapes to supply chain attacks
29 May 2026
Securelist
What’s in the container? Analyzing vulnerabilities, risks and protection with Kaspersky Container Security and the KIRA AI assistant
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
You must select at least one severity level
Do you want to save your changes?
Your message has been sent successfully.