What is “MSIL/TrojanDownloader.Agent.AEX”?

Many security experts consider MSIL/TrojanDownloader.Agent.AEX dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.AEX virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify MSIL/TrojanDownloader.Agent.AEX?


File Info:

name: 4208F325A990446DA54E.mlw
path: /opt/CAPEv2/storage/binaries/4ce672d27e10554124bfdaf7cd4f1be348e7adc7387e3351bae77b4f0f6323bd
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2013-02-04 14:35:55

Version Info:

CompanyName: YoushaHD Player
FileDescription: This installer database contains the logic and data required to install YoushaHD Player.
FileVersion: 1.1.0
InternalName: YouShaHD_18
LegalCopyright: Copyright (C) YoushaHD Player
OriginalFileName: YouShaHD_18.exe
ProductName: YoushaHD Player
ProductVersion: 1.1.0
Translation: 0x0409 0x04b0

MSIL/TrojanDownloader.Agent.AEX also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.33967575
FireEye: Trojan.GenericKD.33967575
ALYac: Trojan.GenericKD.33967575
Cylance: Unsafe
K7AntiVirus: Trojan-Downloader ( 005705591 )
Alibaba: Trojan:MSIL/Generic.8bdf850a
K7GW: Trojan-Downloader ( 005705591 )
Cybereason: malicious.5a9904
ESET-NOD32: MSIL/TrojanDownloader.Agent.AEX
TrendMicro-HouseCall: TROJ_GEN.R002H0CF622
Paloalto: generic.ml
BitDefender: Trojan.GenericKD.33967575
Avast: FileRepMalware [Trj]
Tencent: Malware.Win32.Gencirc.10c7a599
Ad-Aware: Trojan.GenericKD.33967575
Sophos: Mal/Generic-S
Comodo: Malware@#3e4isp91eareh
McAfee-GW-Edition: Artemis!Trojan
Emsisoft: Trojan.GenericKD.33967575 (B)
GData: Trojan.GenericKD.33967575
MAX: malware (ai score=83)
Arcabit: Trojan.Generic.D2064DD7
Microsoft: Trojan:Win32/Occamy.C4C
McAfee: Artemis!4208F325A990
TACHYON: Trojan/W32.Agent.1383619
APEX: Malicious
Rising: Downloader.Agent!8.B23 (CLOUD)
Ikarus: Trojan-Downloader.MSIL.Agent
MaxSecure: Trojan.Malware.7175209.susgen
Fortinet: MSIL/Agent.AEX!tr.dldr
AVG: FileRepMalware [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove MSIL/TrojanDownloader.Agent.AEX?

MSIL/TrojanDownloader.Agent.AEX removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
