Malware

Constructor.MSIL.Agent removal tips

Malware Removal

The Constructor.MSIL.Agent is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Constructor.MSIL.Agent virus can do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine Constructor.MSIL.Agent?



File Info:

name: 334CCA7831FA9BF89D85.mlw
path: /opt/CAPEv2/storage/binaries/383d43b095b8c846569c5a3020d75a242c3dd65e3cfd0da4f0d66956d38bc5d2
crc32: 1C10987A
md5: 334cca7831fa9bf89d85fe38cdfb3181
sha1: 2a3747c82f8170990b20c9635d3bcb676aea623e
sha256: 383d43b095b8c846569c5a3020d75a242c3dd65e3cfd0da4f0d66956d38bc5d2
sha512: bfcdc121b058d236020209291e6dd250940bb8cf8bc9b77e257a5e444dfd13e75ac01a9b36afb07e221c3a6b0ddbf6945e4612558cff6fade503b5e2db1808ba
ssdeep: 3072:KvGopgAxBCffyYD/7KXakh8wUW38wUW38wUWS+s8wUKI:KvGoCAxvYD/76h8wt8wt8w68w
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T149F3051023588359E8D747B56952E0A0B3F19C57EE62F6013EDEB9A72F73F814621B03
sha3_384: fe44d620b9c6078fa6d0771d29433bbbbde2334d62d0a91ad13fe9a20f5323d12d85bb8998bb1c2a5d2263a1da6fc5ca
ep_bytes: ff250020400001020304050607080000
timestamp: 2068-10-18 03:13:25


Version Info:

Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Lime-Crypter
FileVersion: 1.0.0.0
InternalName: Lime-Crypter.exe
LegalCopyright: Copyright ©  2019
LegalTrademarks: 
OriginalFilename: Lime-Crypter.exe
ProductName: Lime-Crypter
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Constructor.MSIL.Agent also known as:

Elasticmalicious (high confidence)
FireEyeGeneric.mg.334cca7831fa9bf8
McAfeeGenericRXKU-AG!334CCA7831FA
CyrenW32/MSIL_Agent.BMX.gen!Eldorado
ESET-NOD32a variant of MSIL/Riskware.Crypter.RC
APEXMalicious
ClamAVWin.Dropper.Sodinokibi-9862317-0
KasperskyHEUR:Constructor.MSIL.Agent.gen
BitDefenderGen:Variant.MSILPerseus.196529
MicroWorld-eScanGen:Variant.MSILPerseus.196529
AvastWin32:CrypterX-gen [Trj]
Ad-AwareGen:Variant.MSILPerseus.196529
EmsisoftGen:Variant.MSILPerseus.196529 (B)
VIPREGen:Variant.MSILPerseus.196529
McAfee-GW-EditionGenericRXKU-AG!334CCA7831FA
SophosGeneric ML PUA (PUA)
GDataGen:Variant.MSILPerseus.196529
ArcabitTrojan.MSILPerseus.D2FFB1
SUPERAntiSpywareTrojan.Agent/Gen-MSILPerseus
MicrosoftTrojan:Win32/Sabsik.TE.B!ml
GoogleDetected
AhnLab-V3Unwanted/Win32.RL_Agent.C3626414
Acronissuspicious
ALYacGen:Variant.MSILPerseus.196529
MAXmalware (ai score=89)
MalwarebytesTrojan.LimeCrypter
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.300983.susgen
BitDefenderThetaGen:NN.ZemsilF.34606.km0@aqL3xRk
AVGWin32:CrypterX-gen [Trj]
Cybereasonmalicious.831fa9
PandaTrj/GdSda.A

How to remove Constructor.MSIL.Agent?

Constructor.MSIL.Agent removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment