What is “MSIL/DllInject_AGen.AJ potentially unsafe”?

MSIL/DllInject_AGen.AJ potentially unsafe is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/DllInject_AGen.AJ potentially unsafe virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify MSIL/DllInject_AGen.AJ potentially unsafe?


File Info:

name: 5AB517F08F97E376CC6D.mlw
path: /opt/CAPEv2/storage/binaries/1a091dc3810c1301753d7fb00826f877daba0a8bc60a9001050c197d309c170c
crc32: A4EABB2B
md5: 5ab517f08f97e376cc6dcef67e86cd97
sha1: 9462932d6069702b58ecbea1766cd0a452dfdff5
sha256: 1a091dc3810c1301753d7fb00826f877daba0a8bc60a9001050c197d309c170c
sha512: d1aa5a74e533fadb2d090435b68ed69cb6e962bb557fd4b2c9dd8aae9208e2be8ca0b6d6413408827c3e402d74dc1a86fc0708d9f3edf4da4be3da3b10019e2a
ssdeep: 3072:mFLUyUcQLQF0+d8ZjzXoIm57AYCYvTi3ex2md1dcurXSVSt17vNvZl0fPnVSCx4N:MLUyU9cHxXd1P1P9ZuPn4Cxiq
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T154349E8036B88F35D6BF5BFA0632104043B47A6B7841D75DACD9A9CF0AA7F415A46F83
sha3_384: a251a07206ed41236f7dc5ee376399c888b98c1b2f31d75b0284d931fc91e5772f04e3e61192dce3c08c1dd70dbdd063
ep_bytes: ff250020400000000000000000000000
timestamp: 2089-03-05 18:24:37

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Lunar
FileVersion: 1.0.0.0
InternalName: Lunar.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: Lunar.exe
ProductName: Lunar
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/DllInject_AGen.AJ potentially unsafe also known as:

MicroWorld-eScan: Trojan.GenericKD.47952421
FireEye: Generic.mg.5ab517f08f97e376
McAfee: RDN/Generic.grp
Cylance: Unsafe
Sangfor: Suspicious.Win32.Attribute.HighConfidence
BitDefenderTheta: Gen:NN.ZemsilCO.34182.om0@aSc5dYk
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/DllInject_AGen.AJ potentially unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H06A422
Paloalto: generic.ml
BitDefender: Trojan.GenericKD.47952421
Ad-Aware: Trojan.GenericKD.47952421
McAfee-GW-Edition: RDN/Generic.grp
Emsisoft: Trojan.GenericKD.47952421 (B)
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.47952421
MAX: malware (ai score=85)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: PUA:Win32/Puamson.A!ml
ALYac: Trojan.GenericKD.47952421
APEX: Malicious
Fortinet: Adware/DllInject_AGen
Cybereason: malicious.d60697

How to remove MSIL/DllInject_AGen.AJ potentially unsafe?

MSIL/DllInject_AGen.AJ potentially unsafe removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
