MSIL/TrojanDownloader.Agent.GMJ information

MSIL/TrojanDownloader.Agent.GMJ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.GMJ virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Network activity detected but not expressed in API logs
  • Binary compilation timestomping detected

Related domains:

wpad.local-net

How to identify MSIL/TrojanDownloader.Agent.GMJ?


File Info:

name: 0AA66E1BB390227B2FD3.mlw
path: /opt/CAPEv2/storage/binaries/8df8a1b37d808c14e4d0c32cbdacf0a14bb12dacd94663adc5dcd5d7b93b2dff
crc32: 74DC6406
md5: 0aa66e1bb390227b2fd3e04683229564
sha1: 8026bf3ed35d39138040a9a8f96a1c3b9a18471d
sha256: 8df8a1b37d808c14e4d0c32cbdacf0a14bb12dacd94663adc5dcd5d7b93b2dff
sha512: b2293177d110002c3310eb23bbb7312573a2fc80acd707ba21c1a65b8dcbf05308768e154b3fac17424aabebbebc526225aa6034b718e342b473bbc649ca53cb
ssdeep: 384:oUV6XfPbSgb3sdO6XvNmQtbm2rRSJptYcFwVc03K:lgXfPbzb0ZwQtbm2RSjtYcFwVc6K
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T16B2492C1A3C0C615E672AD7A1D78DEF4CBFABD07A826F66E3418F5191B3701184227B4
sha3_384: a90fedcc825fe5aaec2f23a4943465be8df3b6971afbc862b8eb33f827a3672951e808eaaaeb5c6a5c5164383f41b949
ep_bytes: ff250020400000000000000000000000
timestamp: 2069-07-09 13:32:21

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Your Skidded Spoofer
FileVersion: 1.0.0.0
InternalName: Flying Spoofer.exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: Flying Spoofer.exe
ProductName: Your Skidded Spoofer
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/TrojanDownloader.Agent.GMJ also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.MSILPerseus.236847
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
McAfee: Trojan-FTAL!0AA66E1BB390
Cyren: W32/MSIL_Kryptik.BUT.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.GMJ
APEX: Malicious
Kaspersky: HEUR:Trojan.MSIL.Agent.gen
BitDefender: Gen:Variant.MSILPerseus.236847
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Gen:Variant.MSILPerseus.236847
McAfee-GW-Edition: Trojan-FTAL!0AA66E1BB390
FireEye: Generic.mg.0aa66e1bb390227b
Emsisoft: Gen:Variant.MSILPerseus.236847 (B)
Ikarus: Trojan-Downloader.MSIL.Agent
GData: Gen:Variant.MSILPerseus.236847
Avira: HEUR/AGEN.1142423
MAX: malware (ai score=88)
Arcabit: Trojan.MSILPerseus.D39D2F
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.RL_Generic.C4250786
BitDefenderTheta: Gen:NN.ZemsilF.34294.nm0@aSPRUXn
ALYac: Gen:Variant.MSILPerseus.236847
Malwarebytes: Trojan.Downloader
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_50%
Fortinet: MSIL/Agent.GMJ!tr.dldr
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.bb3902
MaxSecure: Trojan.Malware.300983.susgen

How to remove MSIL/TrojanDownloader.Agent.GMJ?

MSIL/TrojanDownloader.Agent.GMJ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
