About “MSIL/Agent_AGen.D” infection

MSIL/Agent_AGen.D is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Agent_AGen.D virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid

How to identify MSIL/Agent_AGen.D?


File Info:

name: 16E85ACAD39990B92463.mlw
path: /opt/CAPEv2/storage/binaries/1c09b7961c2775f936070c50665cd4b896e03e3fa483d2e1f6c944b992ee2c8d
crc32: 5B2211B6
md5: 16e85acad39990b924636ef5814f1fc6
sha1: 66a33f1a9a605e0e5f9bc37e2773546f9eac3a67
sha256: 1c09b7961c2775f936070c50665cd4b896e03e3fa483d2e1f6c944b992ee2c8d
sha512: de14aa7c5734739c64c837cb3a3748154120158d08f79765958094f383f5a5e6d64dfa5d8d501643699b612c11a0a7d71ba787ce569860cf4fa3b19aacc1bc0f
ssdeep: 1536:tLO6CbPI8v9TNfjU+m+qOl/08N+10wj3HlSmsWvNnkCLFOs4QDX:tLO6CLx9ThB3Dlc8E10wzUmsWvNnkYjp
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T194A35B2439FA501AF1B3EF795EE475E69A2FB6733703981E1091034A4B23A81DED153E
sha3_384: e5a828c5881a03b75c2f9ddf5a8299dc4b0972f69c79acf1209aeab717bc8f3e2e5005544d0682bae34add52c65622db
ep_bytes: ff257494410000000000000000004894
timestamp: 2022-05-03 01:53:39

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription:
FileVersion: 1.0.0.0
InternalName: test.exe
LegalCopyright:
LegalTrademarks:
OriginalFilename: test.exe
ProductName:
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Agent_AGen.D also known as:

Bkav: W32.AIDetectNet.01
Sangfor: Suspicious.Win32.Save.a
Cybereason: malicious.ad3999
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Agent_AGen.D
APEX: Malicious
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Ursu.320185
MicroWorld-eScan: Gen:Variant.Ursu.320185
Rising: Trojan.Generic/MSIL@AI.94 (RDM.MSIL:HRqNj2xUhxEQ+t3kowOfQQ)
Ad-Aware: Gen:Variant.Ursu.320185
Sophos: ML/PE-A
F-Secure: Trojan.TR/Dropper.MSIL.Gen
FireEye: Generic.mg.16e85acad39990b9
Emsisoft: Gen:Variant.Ursu.320185 (B)
GData: Gen:Variant.Ursu.320185
Avira: TR/Dropper.MSIL.Gen
Arcabit: Trojan.Ursu.D4E2B9
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Acronis: suspicious
ALYac: Gen:Variant.Ursu.320185
MAX: malware (ai score=86)
Cylance: Unsafe
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZemsilF.34638.gm0@aSYjYTp
CrowdStrike: win/malicious_confidence_60% (D)

How to remove MSIL/Agent_AGen.D?

MSIL/Agent_AGen.D removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.