About “MSIL/TrojanDownloader.Agent.BOH” infection

MSIL/TrojanDownloader.Agent.BOH is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.BOH virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify MSIL/TrojanDownloader.Agent.BOH?


File Info:

name: 057FEE0B425A28B5A9DD.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2078-03-16 03:49:39

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: WindowsApp4
FileVersion: 1.0.0.0
InternalName: WindowsApp4.exe
LegalCopyright: Copyright © 2022
LegalTrademarks:
OriginalFilename: WindowsApp4.exe
ProductName: WindowsApp4
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/TrojanDownloader.Agent.BOH also known as:

Bkav: W32.AIDetectNet.01
Elastic: malicious (moderate confidence)
FireEye: Generic.mg.057fee0b425a28b5
McAfee: Artemis!057FEE0B425A
K7AntiVirus: Trojan ( 004c9fe61 )
K7GW: Trojan ( 004c9fe61 )
CrowdStrike: win/malicious_confidence_90% (W)
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.BOH
APEX: Malicious
Kaspersky: HEUR:Trojan.MSIL.Fsysna.gen
Cynet: Malicious (score: 99)
Rising: Trojan.Generic/MSIL@AI.97 (RDM.MSIL:7LKd+CQcHaZsyac8v8/bZw)
McAfee-GW-Edition: Artemis
Ikarus: Trojan-Downloader.MSIL.Tiny
Avira: HEUR/AGEN.1252498
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Win32.Trojan-Downloader.Generic.O92R76
Google: Detected
Cylance: Unsafe
TrendMicro-HouseCall: TROJ_GEN.R014H0CIL22
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.BOH!tr.dldr
AVG: FileRepMalware [Misc]
Cybereason: malicious.e36438
Avast: FileRepMalware [Misc]

How to remove MSIL/TrojanDownloader.Agent.BOH?

MSIL/TrojanDownloader.Agent.BOH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.