Trojan

MSIL/TrojanDownloader.Agent.JTN removal tips

Malware Removal

The MSIL/TrojanDownloader.Agent.JTN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What MSIL/TrojanDownloader.Agent.JTN virus can do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine MSIL/TrojanDownloader.Agent.JTN?


File Info:

name: AD27FCB9C6D04BAB76D9.mlw
path: /opt/CAPEv2/storage/binaries/ad56622065377d19bd9b73a867869829651525307ecfa230775c853873ea2974
crc32: AB86B645
md5: ad27fcb9c6d04bab76d96c1396b1d485
sha1: 3a60d852530a62b7bb017e5bc6552a3cb19b672e
sha256: ad56622065377d19bd9b73a867869829651525307ecfa230775c853873ea2974
sha512: 09cf681af6f1ac6e6be3b5f111c3fbe59492cb7f08535d169f84ba7e70c221aff3a929c3cf1807f55b3cac9de905f5f2752d3f33af79066b13cd833d0ee7b80e
ssdeep: 6144:7bvjneY8CUSvpxxxkxxxkxxxkxxxxkxxxkxxxAuFI:De2USvpxxxkxxxkxxxkxxxxkxxxkxxxA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13924FED6A9980256D3D718B0D94AC7720B15BD7F84404863A2FD3C3B3FED4A7E066E29
sha3_384: 318f3de386f0d71ede2b224bc17813b9c42bb899d5904b3c54646be00974b7372daeae4626876ead3999932a4d043876
ep_bytes: ff250020400000000000000000000000
timestamp: 2098-08-25 21:10:30

Version Info:

Translation: 0x0000 0x04b0
Comments: Lefty Mailer
CompanyName: Honey Bucket
FileDescription: Lefty Mailer
FileVersion: 5.0.0.0
InternalName: lefty mail.exe
LegalCopyright: Copyright © Lefty. 2021
LegalTrademarks:
OriginalFilename: lefty mail.exe
ProductName: Lefty Mailer v5
ProductVersion: 5.0.0.0
Assembly Version: 5.0.0.0

MSIL/TrojanDownloader.Agent.JTN also known as:

Elasticmalicious (high confidence)
MicroWorld-eScanTrojan.GenericKD.47621987
FireEyeGeneric.mg.ad27fcb9c6d04bab
McAfeeArtemis!AD27FCB9C6D0
CylanceUnsafe
K7AntiVirusTrojan-Downloader ( 0058ba921 )
AlibabaBackdoor:MSIL/Crysan.a2f6e475
K7GWTrojan-Downloader ( 0058ba921 )
Cybereasonmalicious.2530a6
BitDefenderThetaGen:NN.ZemsilF.34084.nm0@aOLV!He
SymantecML.Attribute.HighConfidence
ESET-NOD32a variant of MSIL/TrojanDownloader.Agent.JTN
APEXMalicious
AvastFileRepMalware
KasperskyHEUR:Backdoor.MSIL.Crysan.gen
BitDefenderTrojan.GenericKD.47621987
Ad-AwareTrojan.GenericKD.47621987
EmsisoftTrojan.GenericKD.47621987 (B)
TrendMicroTROJ_GEN.R002C0WLD21
McAfee-GW-EditionArtemis!Trojan
SophosMal/Generic-S
GDataTrojan.GenericKD.47621987
AviraTR/Dldr.Agent.qwzbi
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
CynetMalicious (score: 99)
AhnLab-V3Trojan/Win.MSILZilla.C4848087
VBA32TScope.Trojan.MSIL
ALYacTrojan.GenericKD.47621987
MAXmalware (ai score=87)
MalwarebytesTrojan.Downloader.MSIL.Generic
TrendMicro-HouseCallTROJ_GEN.R002C0WLD21
SentinelOneStatic AI – Malicious PE
FortinetMSIL/Agent.JTN!tr.dldr
AVGFileRepMalware
PandaTrj/GdSda.A
CrowdStrikewin/malicious_confidence_70% (W)

How to remove MSIL/TrojanDownloader.Agent.JTN?

MSIL/TrojanDownloader.Agent.JTN removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment