What is “MSIL/TrojanDownloader.Agent.JGG”?

The MSIL/TrojanDownloader.Agent.JGG is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/TrojanDownloader.Agent.JGG virus can do?

Unconventionial language used in binary resources: Russian
The binary likely contains encrypted or compressed data.

How to determine MSIL/TrojanDownloader.Agent.JGG?


File Info:
crc32: F346E0C7
md5: e88691fb30a3a2ec8e95060e245a7521
name: E88691FB30A3A2EC8E95060E245A7521.mlw
sha1: ba00cbd2a55980798e59d3cad1ea62f84a61c629
sha256: b7d71748da815e1ff5f0148e46d3787dcd9b5af2864d1908d7a3c4538327961d
sha512: 371335d9b028016bca6a0dc854103522ed94aaeb86849433d9629302c3d6990bbbfcfc8cb4f8ca37cab3f41d65c6995d3b96aa08f09b4045d75bf18875e493a0
ssdeep: 3072:y29+hIl2epp125GWp1icKAArDZz4N9GhbkrNEk6HdnKeQ+s5ZB6/14QPIDcS8Kv:xwAcp0yN90QErnkv6/14rk
type: PE32+ executable (GUI) x86-64, for MS Windows

Version Info:
LegalCopyright: xa9 Microsoft Corporation. All rights reserved.
InternalName: Wextract                
FileVersion: 11.00.14393.0 (rs1_release.160715-1616)
CompanyName: Microsoft Corporation
ProductName: Internet Explorer
ProductVersion: 11.00.14393.0
FileDescription: Win32 Cabinet Self-Extractor                                           
OriginalFilename: WEXTRACT.EXE            .MUI
Translation: 0x0409 0x04b0

MSIL/TrojanDownloader.Agent.JGG also known as:

K7AntiVirus	Riskware ( 0040eff71 )
Lionic	Trojan.MSIL.Agensla.i!c
Elastic	malicious (high confidence)
DrWeb	Trojan.DownloaderNET.231
ClamAV	Win.Malware.Reline-9887776-0
CAT-QuickHeal	Trojan.Sabsik
ALYac	Trojan.GenericKD.47277827
Malwarebytes	Trojan.Downloader
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	TrojanPSW:MSIL/Agensla.7a340a79
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.2a5598
Cyren	W32/MSIL_Troj.BRE.gen!Eldorado
Symantec	Trojan.Gen.MBT
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.JGG
APEX	Malicious
Avast	Win32:PWSX-gen [Trj]
Cynet	Malicious (score: 99)
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Trojan.GenericKD.47277827
MicroWorld-eScan	Trojan.GenericKD.47277827
Ad-Aware	Trojan.GenericKD.47277827
Sophos	Mal/Generic-S
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R002C0PJ821
McAfee-GW-Edition	BehavesLike.Win64.Dropper.dc
FireEye	Trojan.GenericKD.47277827
Emsisoft	Trojan.GenericKD.47277827 (B)
Avira	TR/Dldr.Agent.oksvp
Kingsoft	Win32.PSWTroj.Undef.(kcloud)
Microsoft	Trojan:Win32/Sabsik.FT.A!ml
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Agensla.gen
GData	Trojan.GenericKD.47277827
McAfee	Artemis!E88691FB30A3
MAX	malware (ai score=88)
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002C0PJ821
Yandex	Trojan.PWS.Stealer!wOf+GVdmtlQ
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Agent.JGG!tr
AVG	Win32:PWSX-gen [Trj]
Paloalto	generic.ml

How to remove MSIL/TrojanDownloader.Agent.JGG?

MSIL/TrojanDownloader.Agent.JGG removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X