Should I remove “MSIL/TrojanDownloader.Agent.GST”?

MSIL/TrojanDownloader.Agent.GST is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the MSIL/TrojanDownloader.Agent.GST virus do?

  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Binary compilation timestomping detected

How to identify MSIL/TrojanDownloader.Agent.GST?


File Info:

name: 2A553B52643068203FB7.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: ff250020400000000000000000000000
timestamp: 2081-09-12 02:31:52

Version Info:

CompanyName: Google LLC
FileDescription: Google Chrome
FileVersion: 85.0.4183.102
InternalName: chrome_exe
LegalCopyright: Copyright 2020 Google LLC. All rights reserved.
OriginalFilename: chrome.exe
ProductName: Google Chrome
ProductVersion: 85.0.4183.102
CompanyShortName: Google
ProductShortName: Chrome
LastChange: ffe848af6a5df4fa127e2929331116b7f9f1cb30-refs/branch-heads/4183@#1770
Official Build: 1
Translation: 0x0409 0x04b0

MSIL/TrojanDownloader.Agent.GST also known as:

Lionic: Trojan.MSIL.Stealer.l!c
FireEye: Generic.mg.2a553b5264306820
McAfee: Downloader-FCAR!2A553B526430
Cylance: Unsafe
Zillya: Downloader.Agent.Win32.417638
Sangfor: Trojan.MSIL.AgentTesla.KM
K7AntiVirus: Trojan-Downloader ( 0056e1b41 )
Alibaba: TrojanSpy:MSIL/Stealer.48a86bc7
K7GW: Trojan-Downloader ( 0056e1b41 )
Cybereason: malicious.264306
BitDefenderTheta: Gen:NN.ZemsilF.34212.dm1@aCW2Xuki
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: MSIL/TrojanDownloader.Agent.GST
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender: Trojan.GenericKD.34510029
NANO-Antivirus: Trojan.Win32.Stealer.ihqmjz
MicroWorld-eScan: Trojan.GenericKD.34510029
Avast: Win32:TrojanX-gen [Trj]
Tencent: Malware.Win32.Gencirc.11af3d37
Ad-Aware: Trojan.GenericKD.34510029
Emsisoft: Trojan.GenericKD.34510029 (B)
DrWeb: Trojan.Siggen10.15802
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Downloader-FCAR!2A553B526430
SentinelOne: Static AI – Malicious PE
Sophos: Mal/Generic-S
APEX: Malicious
GData: Trojan.GenericKD.34510029
Avira: TR/Dldr.Agent.dozrx
Arcabit: Trojan.Generic.D20E94CD
ZoneAlarm: HEUR:Trojan-Spy.MSIL.Stealer.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Malware/Win32.RL_Generic.C4036577
ALYac: Trojan.GenericKD.34510029
MAX: malware (ai score=80)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Spyware.RedLineStealer
Rising: Trojan.FakeChrome!1.9C7B (CLASSIC)
Yandex: Trojan.DL.Agent!PpALnNWwG84
Ikarus: Trojan-Downloader.MSIL.Agent
MaxSecure: Trojan.Malware.73709669.susgen
Fortinet: PossibleThreat.PALLAS.H
AVG: Win32:TrojanX-gen [Trj]
Panda: Trj/GdSda.A

How to remove MSIL/TrojanDownloader.Agent.GST?

MSIL/TrojanDownloader.Agent.GST removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.