Trojan.Agent.Gen.BNJ

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 13,200
Threat Level: 80 % (High)
Infected Computers: 8
First Seen: April 2, 2026
Last Seen: April 27, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Agent.Gen.BNJ
Signature status: No Signature

Known Samples

File Size: 398.47 KB, 398472 bytes
File Size: 410.43 KB, 410432 bytes
File Size: 401.92 KB, 401920 bytes
File Size: 344.58 KB, 344576 bytes
File Size: 381.95 KB, 381952 bytes
File Size: 369.66 KB, 369664 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • be quiet!
  • Dell Inc.
  • JetBrains s.r.o.
  • Microsoft Corporation
  • OBS Project
  • Python Software Foundation
File Description
  • Antimalware Service Executable
  • be quiet! System Power Monitor
  • Dell Display Manager
  • OBS Studio
  • Python Interpreter
  • WebStorm
File Version
  • 537.57.35.67
  • 22.1.493.51
  • 15.13.26561.739
  • 10.8.691.140
  • 4.13.2908.177
  • 4.12.3831.322
Internal Name
  • BQSysPwrMon.exe
  • DDM.exe
  • MsMpEng.exe
  • obs64.exe
  • python.exe
  • webstorm64.exe
Legal Copyright
  • Copyright © 2023 Microsoft Corporation. All rights reserved.
  • Copyright © 2026 be quiet!. All rights reserved.
  • © 2015-2020 OBS Project. All rights reserved.
  • © 2016-2026 JetBrains s.r.o.. All rights reserved.
  • © Dell Inc. 2020. All rights reserved.
  • © Python Software Foundation 2023. All rights reserved.
Original Filename
  • BQSysPwrMon.exe
  • DDM.exe
  • MsMpEng.exe
  • obs64.exe
  • python.exe
  • webstorm64.exe
Product Name
  • be quiet! System Power Monitor
  • Dell Display Manager
  • OBS Studio
  • Python
  • WebStorm
  • Windows Defender
Product Version
  • Python 22.1
  • OBS Studio 4.13
  • 537.57.35.67
  • 15.13.26561.739
  • 10.8.691.140
  • 4.12

Digital Signatures

Signer: Grammarly, Inc.; Root: Grammarly, Inc.; Status: Self Signed
Signer: Notion Labs, Inc.; Root: Notion Labs, Inc.; Status: Self Signed

File Traits

  • dll
  • HighEntropy
  • ntdll
  • x64

Block Information

Total Blocks: 913
Potentially Malicious Blocks: 50
Whitelisted Blocks: 863
Unknown Blocks: 0


Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • UNKNOWN
