Solutions for:
Home Products
Small Business
Medium Business
Enterprise
Vulnerabilities Threats
Home Threats Trojan-Downloader Win64

Trojan-Downloader.Win64.Agent.azt

Update Date
02/02/2024

Class: Trojan-Downloader

Programs classified as Trojan-Downloader download and install new versions of malicious programs, including Trojans and AdWare, on victim computers. Once downloaded from the Internet, the programs are launched or included on a list of programs which will run automatically when the operating system boots up. Information about the names and locations of the programs which are downloaded are in the Trojan code, or are downloaded by the Trojan from an Internet resource (usually a web page). This type of malicious program is frequently used in the initial infection of visitors to websites which contain exploits.

Read more

Platform: Win64

Win64 is a platform on Windows-based operating systems for execution of 32-/64-bit applications. Win64 programs cannot be launched on 32-bit versions of Windows.

Family: Trojan.Win64.Agent

No family description

Examples

4C02F57F9E9337AC92A033CA7790AB47
AC39B3ABACB48DF333676F33ED9C950A
FCBDA90495FE7FF4EC136983552E3A97
D03BE48E39870BDEE643C2645775102D
A48CDCE1DF0B232694E93A0E66BEE396

Tactics and Techniques: Mitre*

TA0002
Execution

An adversary may rely upon a user opening a malicious file in order to gain execution. Users may be subjected to social engineering to get them to open a file that will lead to code execution. This user action will typically be observed as follow-on behavior from Spearphishing Attachment. Adversaries may use several types of files that require a user to execute them, including .doc, .pdf, .xls, .rtf, .scr, .exe, .lnk, .pif, and .cpl.


T1204.002
Malicious File

An adversary may rely upon a user opening a malicious file in order to gain execution. Users may be subjected to social engineering to get them to open a file that will lead to code execution. This user action will typically be observed as follow-on behavior from Spearphishing Attachment. Adversaries may use several types of files that require a user to execute them, including .doc, .pdf, .xls, .rtf, .scr, .exe, .lnk, .pif, and .cpl.


* © 2025 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.

Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Related articles
29 August 2025
Securelist
How attackers adapt to built-in macOS protection
27 August 2025
Securelist
Exploits and vulnerabilities in Q2 2025
22 August 2025
Securelist
Modern vehicle cybersecurity trends
19 August 2025
Securelist
GodRAT – New RAT targeting financial institutions
18 August 2025
Securelist
Evolution of the PipeMagic backdoor: from the RansomExx incident to CVE-2025-29824
13 August 2025
Securelist
New trends in phishing and scams: how AI and social media are changing the game
Found an inaccuracy in the description of this vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Found a new Threat or Vulnerability?
If you found a new Threat or Vulnerability, please, let us know by email:
newvirus@kaspersky.com
Solutions for
Home Products
Small Business
Medium Business
Enterprise
Select language
Sorting
Threat
Confirm changes?
Your message has been sent successfully.