What is “MSIL/TrojanDownloader.Agent.JRP”?

MSIL/TrojanDownloader.Agent.JRP is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.JRP virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify MSIL/TrojanDownloader.Agent.JRP?

File Info:

name: F80B61F29E1C57517012.mlw
path: /opt/CAPEv2/storage/binaries/dbbc742a205a970d1197bbd2aa7c16016b39e6814afc40c58c5ad24fae5a7f83
crc32: 3AB507FC
md5: f80b61f29e1c575170128b87e3b489ca
sha1: 54ce6b8e9424a37a3e3c8f22939cfadc8c5b0ef7
sha256: dbbc742a205a970d1197bbd2aa7c16016b39e6814afc40c58c5ad24fae5a7f83
sha512: af6b4c0765cf5b8b9333bf773969f68fb8e111ec9b8e925fda2328e4b1492ddf40681e945aa420ef1cf61aa28fd14898a9fc0d065ca1866c9dafd6c1e68906cf
ssdeep: 768:7KD5P2W5jC6o8IbgFbrjZR3x0H8nH80fEmr+BCK7PFl+nK01e7Nv62n3gYRNt:7KD5Pc6o8IObrT3OUHbD+BC3KH7NeYR7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15C234B01B3D4DF4AE1EC16B2C4A3C69107F0EE168652A96E44D82B5FEC663314BB3F06
sha3_384: a92e229291798ad7a1214475ad4979eaecd6b827956a6ddc5cf0b47bc6fa638e882247f4d762aa529f927e93640cb647
ep_bytes: ff250020400000000000000000000000
timestamp: 2048-09-04 07:54:02

Version Info:

Translation: 0x0000 0x04b0
Comments: DDNS v9.0 Enterprise Client
CompanyName: Adamsland.
FileDescription: DDNS v9.0 Enterprise Client
FileVersion: 1.2.3.4
InternalName: ConsoleApp19.exe
LegalCopyright: © All rights reserved..
LegalTrademarks: MintDNS is a trademark of Adamsland micro systems
OriginalFilename: ConsoleApp19.exe
ProductName: DDNS v9.0 Enterprise Client
ProductVersion: 1.2.3.4
Assembly Version: 1.2.3.4

MSIL/TrojanDownloader.Agent.JRP also known as:

Lionic: Trojan.MSIL.Seraph.a!c
MicroWorld-eScan: Trojan.GenericKD.47606194
FireEye: Trojan.GenericKD.47606194
ALYac: Trojan.GenericKD.47606194
Cylance: Unsafe
K7AntiVirus: Trojan-Downloader ( 0058b8fe1 )
Alibaba: TrojanDownloader:MSIL/Seraph.9998241a
K7GW: Trojan-Downloader ( 0058b8fe1 )
BitDefenderTheta: Gen:NN.ZemsilF.34084.cm0@ayG5Ycb
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.JRP
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Downloader.MSIL.Seraph.gen
BitDefender: Trojan.GenericKD.47606194
Avast: Win32:DropperX-gen [Drp]
Tencent: Msil.Trojan-downloader.Agent.Ebgl
Ad-Aware: Trojan.GenericKD.47606194
Emsisoft: Trojan.GenericKD.47606194 (B)
TrendMicro: TROJ_GEN.R002C0WL921
McAfee-GW-Edition: RDN/Generic Downloader.x
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.47606194
Jiangmin: TrojanDownloader.MSIL.agax
Webroot: W32.Trojan.GenKD
Avira: TR/Dldr.Agent.bqrus
MAX: malware (ai score=100)
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D2D669B2
ViRobot: Trojan.Win32.Z.Agent.46080.DQI
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
McAfee: RDN/Generic Downloader.x
VBA32: TScope.Trojan.MSIL
Malwarebytes: Trojan.Downloader
TrendMicro-HouseCall: TROJ_GEN.R002C0WL921
Ikarus: Trojan.MSIL.Krypt
eGambit: Unsafe.AI_Score_99%
Fortinet: MSIL/Agent.JTI!tr.dldr
AVG: Win32:DropperX-gen [Drp]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove MSIL/TrojanDownloader.Agent.JRP?

MSIL/TrojanDownloader.Agent.JRP removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
