Categories: Malware

MSIL/Agent.DEF malicious file

The MSIL/Agent.DEF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What MSIL/Agent.DEF virus can do?

Dynamic (imported) function loading detected
Possible date expiration check, exits too soon after checking local time
CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine MSIL/Agent.DEF?


File Info:
name: F2F1D6E07837FF108488.mlwpath: /opt/CAPEv2/storage/binaries/23fea56f1047d1500d7ef0b426c6d71bfc9df6d1f73a69c170ebee9ae4a4940ecrc32: 366CE453md5: f2f1d6e07837ff108488415be777d6bbsha1: e39e88bc3ff74829e22c612316fba1d085c0088esha256: 23fea56f1047d1500d7ef0b426c6d71bfc9df6d1f73a69c170ebee9ae4a4940esha512: b6b9769fd78ecd2238f0c08039a953b945e743629af0aa9fca2234fa1a7d11e6466c011e60f1ff7c626e06553213a4a75b3adb0734bc21d7de8f6222bb5842e8ssdeep: 1536:d8xw8V/oq1udbxzyrN1hSlIKBi8Nx52Wb7oPE7WBD29YEb0lbhHAtRlOG9A+:Ct1u761I7b2WXo/D2GEIlbZ0zK+type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1ABD3C54BB3C84B02D454A6B5C0EF292413F1ADC73B33D6853E4877AD19427A7FE49A4Asha3_384: 87b57d721234d42b9c23470673dc6f605664e9296c0d113ccfce4ea2ffc8e13bcd9b693ab95ca5a4740db7e485f90021ep_bytes: ff250020400000000000000000000000timestamp: 2021-05-02 07:24:30
Version Info:
Translation: 0x0000 0x04b0Comments: CompanyName: Microsoft CorporationFileDescription: Windows UpdateFileVersion: 1.0.0.0InternalName: WindowsUpdate.exeLegalCopyright: © Microsoft Corporation. All rights reserved.LegalTrademarks: OriginalFilename: WindowsUpdate.exeProductName: Microsoft® Windows® Operating SystemProductVersion: 1.0.0.0Assembly Version: 1.0.0.0

MSIL/Agent.DEF also known as:

Lionic	Trojan.MSIL.Crysan.m!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.36899477
FireEye	Generic.mg.f2f1d6e07837ff10
ALYac	Trojan.GenericKD.36899477
Cylance	Unsafe
Zillya	Trojan.Agent.Win32.2088079
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 004d65011 )
Alibaba	Backdoor:MSIL/Crysan.c9181da3
K7GW	Trojan ( 004d65011 )
CrowdStrike	win/malicious_confidence_100% (W)
Cyren	W32/MSIL_Kryptik.CYI.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Agent.DEF
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Backdoor.MSIL.Crysan.gen
BitDefender	Trojan.GenericKD.36899477
Avast	Win32:DropperX-gen [Drp]
Tencent	Msil.Backdoor.Crysan.Eeqr
Ad-Aware	Trojan.GenericKD.36899477
Emsisoft	Trojan.GenericKD.36899477 (B)
DrWeb	BackDoor.AsyncRATNET.2
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R06CC0DE221
McAfee-GW-Edition	Artemis!Trojan
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.Agent
GData	Trojan.GenericKD.36899477
Jiangmin	Backdoor.MSIL.erwo
Webroot	W32.Adware.Gen
Avira	TR/Dropper.Gen
MAX	malware (ai score=85)
Kingsoft	Win32.Hack.Undef.(kcloud)
Microsoft	Trojan:MSIL/Ursu.KP
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Bladabindi.C4385341
McAfee	Artemis!F2F1D6E07837
VBA32	TScope.Trojan.MSIL
Malwarebytes	Backdoor.Dropper
TrendMicro-HouseCall	TROJ_GEN.R06CC0DE221
Yandex	Trojan.Agent!58Nfc2tvgs4
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_98%
Fortinet	W32/Crysan.DHI!tr.bdr
BitDefenderTheta	Gen:NN.ZemsilF.34084.im0@aGaygn
AVG	Win32:DropperX-gen [Drp]
Cybereason	malicious.07837f
Panda	Trj/GdSda.A
MaxSecure	Trojan.Malware.74418669.susgen