What is “MSIL/TrojanDownloader.Agent.JPR”?

MSIL/TrojanDownloader.Agent.JPR is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.JPR virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify MSIL/TrojanDownloader.Agent.JPR?


File Info:

name: 2E8D0CF7EC2E3267A1B6.mlw
path: /opt/CAPEv2/storage/binaries/b7a1b0db41719e8adf324beb44c1493ce1db63e749cfa39e0d7f69e245801368
crc32: 76198031
md5: 2e8d0cf7ec2e3267a1b6116ce06c2835
sha1: 25a9521a36bb225d6f9eccb714bc6ccb9a6972f9
sha256: b7a1b0db41719e8adf324beb44c1493ce1db63e749cfa39e0d7f69e245801368
sha512: dbe10ea86c0f97d41bf78662c3c7dc1aaea4128fe9eb18ff7712fad172fbf16f7b8dfbf073003ab257ee3a5e10c21e5715aac364843cfdeb5fff30245a11fc3d
ssdeep: 12288:EdrlrOWMda8uO88Yz8HFtsbHif57fUk4CycqkteDhTQ:EdrUWM08uOsiFts4SrcFeDhE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BEA49E0AE2038F9AF958A7B0CE775F611790A5B29C70D307E31C6A7A943F7693694703
sha3_384: 0a82af2919620d8f9ab06119e68aeb6d3eb0f9140c9a9f3dd3d2404412046d09b50543ea02d8d1f6493168238d89aae8
ep_bytes: ff250020400000000000000000000000
timestamp: 2088-05-10 04:21:30

Version Info:

Translation: 0x0000 0x04b0
Comments: Windows Security Configuration Editor Command Tool
CompanyName: Microsoft Corporation
FileDescription: Windows Security Configuration Editor Command Tool
FileVersion: 10.0.14393.0
InternalName: NewRedAsyncTask.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
LegalTrademarks:
OriginalFilename: NewRedAsyncTask.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.14393.0
Assembly Version: 10.0.14393.0

MSIL/TrojanDownloader.Agent.JPR is also known as:

Lionic: Trojan.MSIL.Dnoper.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.38136286
FireEye: Generic.mg.2e8d0cf7ec2e3267
McAfee: RDN/Generic PWS.y
Cylance: Unsafe
Zillya: Downloader.Agent.Win32.457290
Sangfor: Trojan.MSIL.Dnoper.gen
K7AntiVirus: Trojan-Downloader ( 0058b1301 )
BitDefender: Trojan.GenericKD.38136286
K7GW: Trojan-Downloader ( 0058b1301 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.JPR
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Dropper.Generic-7113183-0
Alibaba: Trojan:MSIL/KeyloggerX.7908f88d
Avast: Win32:KeyloggerX-gen [Trj]
Ad-Aware: Trojan.GenericKD.38136286
Emsisoft: Trojan.GenericKD.38136286 (B)
DrWeb: Trojan.PWS.Steam.22824
TrendMicro: TROJ_GEN.R06CC0PL221
McAfee-GW-Edition: RDN/Generic PWS.y
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.MSIL.alqsc
MaxSecure: Trojan.Malware.300983.susgen
Avira: HEUR/AGEN.1136049
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Generic.ASMalwS.34DAA6C
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Gridinsoft: Malware.Win32.GenericMC.cc
GData: Trojan.GenericKD.38136286
Cynet: Malicious (score: 100)
BitDefenderTheta: Gen:NN.ZemsilF.34114.Cm0@aWt2yhp
ALYac: Trojan.GenericKD.38136286
VBA32: TScope.Trojan.MSIL
Malwarebytes: Trojan.Crypt.MSIL.Generic
TrendMicro-HouseCall: TROJ_GEN.R06CC0PL221
Ikarus: Trojan-Spy.Agent
eGambit: Trojan.Generic
Fortinet: PossibleThreat
Webroot: W32.Trojan.Gen
AVG: Win32:KeyloggerX-gen [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)

How to remove MSIL/TrojanDownloader.Agent.JPR?

MSIL/TrojanDownloader.Agent.JPR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.