About “MSIL/TrojanDownloader.Agent.KEF” infection

MSIL/TrojanDownloader.Agent.KEF is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.KEF virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify MSIL/TrojanDownloader.Agent.KEF?


File Info:

name: 734C8FFC050CF5B5329E.mlw
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2022-01-24 20:38:52

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Assault Spoofer
FileVersion: 2.0.0.0
InternalName: Assault Dev.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: Assault Dev.exe
ProductName: Assault Spoofer
ProductVersion: 2.0.0.0
Assembly Version: 2.0.0.0

MSIL/TrojanDownloader.Agent.KEF also known as:

Lionic: Trojan.Win32.Perseus.4!c
MicroWorld-eScan: Gen:Variant.MSILPerseus.236847
FireEye: Gen:Variant.MSILPerseus.236847
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
ALYac: Gen:Variant.MSILPerseus.236847
Sangfor: Trojan.Win32.Sabsik.FL
ESET-NOD32: MSIL/TrojanDownloader.Agent.KEF
APEX: Malicious
BitDefender: Gen:Variant.MSILPerseus.236847
Avast: Win32:Trojan-gen
Rising: Trojan.Generic/MSIL@AI.90 (RDM.MSIL:ZpaymGvph7oyWV4NhQvpxw)
Ad-Aware: Gen:Variant.MSILPerseus.236847
TrendMicro: TROJ_GEN.R002C0PB122
McAfee-GW-Edition: RDN/Generic.dx
Emsisoft: Gen:Variant.MSILPerseus.236847 (B)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.MSILPerseus.236847
Webroot: W32.Trojan.Gen
MAX: malware (ai score=80)
Microsoft: Trojan:Win32/Sabsik.TE.B!ml
Cynet: Malicious (score: 100)
McAfee: RDN/Generic.dx
TrendMicro-HouseCall: TROJ_GEN.R002C0PB122
Fortinet: MSIL/Agent.KEF!tr.dldr
BitDefenderTheta: Gen:NN.ZemsilF.34182.bm0@aqX@!ak
AVG: Win32:Trojan-gen
Cybereason: malicious.c050cf

How to remove MSIL/TrojanDownloader.Agent.KEF?

MSIL/TrojanDownloader.Agent.KEF removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
