MSIL/Spy.Agent.DJI (file analysis)

MSIL/Spy.Agent.DJI is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Spy.Agent.DJI virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify MSIL/Spy.Agent.DJI?


File Info:

name: 1C26BE4F9207DC6A1430.mlw
path: /opt/CAPEv2/storage/binaries/383450d6c5f7da2e1c33c37bb602d2be5653e4c2c86883739e381b48853a0212
crc32: 93AE52D7
md5: 1c26be4f9207dc6a14309f0ffaa1dbb8
sha1: 6e3434b7663af23d9931e2d7d0c230578f9031ca
sha256: 383450d6c5f7da2e1c33c37bb602d2be5653e4c2c86883739e381b48853a0212
sha512: 4e70019783af22c209035215cb92771a355e4802962558ec765bb69d74384c5fbc6faf48322909f64b188ff9eecb6e1cc6a147f445b686bf5251ee6424db9ac4
ssdeep: 48:68acf5RKtpUAwNVtNaJNMvIc8i1jTCpFZOgcxb97IKZsFtRmlL5ICFipfbNtmW:W61aNshiZOg+ZnJ5ozNt
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T17BB1951063E8837AFDB3CB729DA3434053B8F7629C965FAE2584A30B9C176154973BB1
sha3_384: e3cdfd8357fe69608cee12c73de28fecdc436f0dee77ea883d995f02a2c599e67f074a84233e22f8cd07f364b53e36d5
ep_bytes: ff250020400000000000000000000000
timestamp: 2075-06-19 06:40:24

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: aszgard
FileVersion: 1.0.0.0
InternalName: aszgard.exe
LegalCopyright: Copyright © 2022
LegalTrademarks:
OriginalFilename: aszgard.exe
ProductName: aszgard
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Spy.Agent.DJI also known as:

Bkav: W32.AIDetectNet.01
Lionic: Trojan.MSIL.Bingoml.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.49105708
FireEye: Trojan.GenericKD.49105708
McAfee: RDN/Generic PWS.y
Malwarebytes: Spyware.DiscordStealer
Sangfor: Trojan.MSIL.Bingoml.gen
K7AntiVirus: Spyware ( 0057daef1 )
BitDefender: Trojan.GenericKD.49105708
K7GW: Spyware ( 0057daef1 )
BitDefenderTheta: Gen:NN.ZemsilCO.34712.am0@a40GPNp
ESET-NOD32: a variant of MSIL/Spy.Agent.DJI
Kaspersky: HEUR:Trojan.MSIL.Bingoml.gen
Alibaba: Trojan:MSIL/Bingoml.672ad879
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:k1PAMIkVX9mDarzH9+rkBg)
Ad-Aware: Trojan.GenericKD.49105708
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Spy.Agent.ulxvv
McAfee-GW-Edition: RDN/Generic PWS.y
Emsisoft: Trojan.GenericKD.49105708 (B)
Ikarus: Trojan-Downloader.Win32.Agent
Avira: TR/Spy.Agent.ulxvv
MAX: malware (ai score=81)
Microsoft: Trojan:Win32/Wacatac.B!ml
ZoneAlarm: HEUR:Trojan.MSIL.Bingoml.gen
GData: Win32.Trojan.Agent.53Z5XY
Cynet: Malicious (score: 99)
ALYac: Trojan.GenericKD.49105708
Cylance: Unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0DF322
Tencent: Msil.Trojan.Bingoml.Dygs
Fortinet: MSIL/Agent.DJI!tr.spy
AVG: Win32:Trojan-gen
Avast: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove MSIL/Spy.Agent.DJI?

MSIL/Spy.Agent.DJI removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
