Trojan

What is “MSIL/TrojanDownloader.Agent.JRO”?

Malware Removal

The MSIL/TrojanDownloader.Agent.JRO is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What MSIL/TrojanDownloader.Agent.JRO virus can do?

  • Presents an Authenticode digital signature
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine MSIL/TrojanDownloader.Agent.JRO?



File Info:

name: 93F0295DA7217892229F.mlw
path: /opt/CAPEv2/storage/binaries/9d7c80fdf6ea34da4a9a37a81afc6a646b733981c735318eaeb5849b5d6f0c52
crc32: 2CDD7F7E
md5: 93f0295da7217892229f574c616fe803
sha1: a47859d01c09148872fa2fa5deb1d27932a10b99
sha256: 9d7c80fdf6ea34da4a9a37a81afc6a646b733981c735318eaeb5849b5d6f0c52
sha512: 7cd51e19349c4f8ade6afad77e76186587a452928e9d414160f3637b00570b0ade92481f1f0015f5702eab22406f33b59e51640f9d4e55f4e48939875a3fafb2
ssdeep: 768:PCfGp9Xbq/5xDK3pyMV2MZ/MZew/ig4Roay1MhHf:P+Gp9XbqPDjMVdw/Z4RoaTf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FE13AE21B3548522DEFF4E72B867D3611F71BB114920C5EB9588D70F6F63312DEA1298
sha3_384: e02a7169aa99297e2798c5650d16bff0264f561fd6f1e7367d05966078cd314e7e1e40100c58f79a8058e217a596fcec
ep_bytes: ff250020400000000000000000000000
timestamp: 2064-04-20 13:19:21


Version Info:

Translation: 0x0000 0x04b0
Comments: Nmap installer
CompanyName: Insecure.org
FileDescription: Nmap installer
FileVersion: 7.92.0.0
InternalName: ConsoleApp11.exe
LegalCopyright: Copyright (c) Insecure.Com LLC (fyodor@insecure.org)
LegalTrademarks: 
OriginalFilename: ConsoleApp11.exe
ProductName: Nmap
ProductVersion: 7.92.0.0
Assembly Version: 7.92.0.0

MSIL/TrojanDownloader.Agent.JRO also known as:

McAfeeArtemis!93F0295DA721
Cybereasonmalicious.01c091
SymantecMSIL.Downloader!gen7
ESET-NOD32a variant of MSIL/TrojanDownloader.Agent.JRO
APEXMalicious
Paloaltogeneric.ml
KasperskyHEUR:Trojan-Downloader.MSIL.Seraph.gen
AvastWin32:CrypterX-gen [Trj]
DrWebTrojan.Inject4.21300
McAfee-GW-EditionArtemis!Trojan
SentinelOneStatic AI – Suspicious PE
AviraTR/Kryptik.vmhip
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 100)
MalwarebytesTrojan.MCrypt.MSIL.Generic
IkarusTrojan.MSIL.Krypt
MaxSecureTrojan.Malware.300983.susgen
FortinetMSIL/Kryptik.ADQK!tr
AVGWin32:CrypterX-gen [Trj]
CrowdStrikewin/malicious_confidence_90% (W)

How to remove MSIL/TrojanDownloader.Agent.JRO?

MSIL/TrojanDownloader.Agent.JRO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment