MSIL/Agent.DMH malicious file

MSIL/Agent.DMH is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the MSIL/Agent.DMH virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs

Related domains:

wpad.local-net

How to identify MSIL/Agent.DMH?


File Info:

name: 5BC21EE7BCEE71ECB080.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-07-29 00:25:51

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Microsoft® Windows®
FileDescription: Application
FileVersion: 2.2.5.1
InternalName: Ruadan
LegalCopyright: © Microsoft 2009. All rights reserved.
LegalTrademarks: Microsoft®Windows®
OriginalFilename: Ruadan
ProductName: Ruadan
ProductVersion: 1.2.2.5
Assembly Version: 1.2.2.5

MSIL/Agent.DMH is also known as:

Lionic: Trojan.Win32.Perseus.4!c
Elastic: malicious (high confidence)
DrWeb: BackDoor.Quasar.1
MicroWorld-eScan: Gen:Variant.MSILPerseus.143573
FireEye: Gen:Variant.MSILPerseus.143573
CAT-QuickHeal: Trojan.AgentFC.S22016988
ALYac: Gen:Variant.MSILPerseus.143573
Sangfor: Suspicious.Win32.MSILPerseus.143573
K7AntiVirus: Trojan ( 005805841 )
Alibaba: Trojan:MSIL/Generic.1fa24379
K7GW: Trojan ( 005805841 )
BitDefenderTheta: Gen:NN.ZemsilCO.34294.cm0@amqg7fm
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Agent.DMH
APEX: Malicious
Paloalto: generic.ml
BitDefender: Gen:Variant.MSILPerseus.143573
Avast: Win32:TrojanX-gen [Trj]
Tencent: Msil.Trojan.Msilperseus.Szlq
Ad-Aware: Gen:Variant.MSILPerseus.143573
Emsisoft: Gen:Variant.MSILPerseus.143573 (B)
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0PH121
McAfee-GW-Edition: Trojan-FRAX!5BC21EE7BCEE
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Spy
GData: Gen:Variant.MSILPerseus.143573
Avira: TR/Agent.caegu
Arcabit: Trojan.MSILPerseus.D230D5
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Subti.C4568956
McAfee: Trojan-FRAX!5BC21EE7BCEE
MAX: malware (ai score=84)
VBA32: Backdoor.Quasar
Malwarebytes: Trojan.Agent.MSIL
TrendMicro-HouseCall: TROJ_GEN.R002C0PH121
Fortinet: PossibleThreat
AVG: Win32:TrojanX-gen [Trj]

How to remove MSIL/Agent.DMH?

MSIL/Agent.DMH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.