MSIL/TrojanDownloader.Agent.KQQ removal guide

MSIL/TrojanDownloader.Agent.KQQ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Agent.KQQ virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify MSIL/TrojanDownloader.Agent.KQQ?


File Info:

name: 294B7C06479A50F7D4B1.mlw
path: /opt/CAPEv2/storage/binaries/64613e9558bf51f7c56f7e3f7a7d770e87859e8a8bac31a67c6dab53c59d53d5
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2053-11-19 06:23:34

Version Info:

Translation: 0x0000 0x04b0
Comments: Opera Internet Browser
CompanyName: Opera Software
FileDescription: Opera Internet Browser
FileVersion: 83.0.4254.27
InternalName: Kmzxbqi.exe
LegalCopyright: Copyright Opera Software 2022
LegalTrademarks:
OriginalFilename: Kmzxbqi.exe
ProductName: Opera Internet Browser
ProductVersion: 83.0.4254.27
Assembly Version: 83.0.4254.27

MSIL/TrojanDownloader.Agent.KQQ also known as:

Lionic: Trojan.MSIL.Agensla.i!c
MicroWorld-eScan: Trojan.GenericKD.38919095
FireEye: Generic.mg.294b7c06479a50f7
CAT-QuickHeal: Trojan.IGENERIC
ALYac: Trojan.GenericKD.38919095
Cylance: Unsafe
Zillya: Downloader.Agent.Win32.461435
Sangfor: Infostealer.MSIL.Agensla.gen
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanPSW:MSIL/AgentTesla.8dbe2f67
K7GW: Trojan-Downloader ( 0058de741 )
K7AntiVirus: Trojan-Downloader ( 0058de741 )
Cyren: W32/MSIL_Kryptik.GLW.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.KQQ
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.AgentTesla-9939410-0
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender: Trojan.GenericKD.38919095
Avast: Win32:DropperX-gen [Drp]
Tencent: Msil.Trojan-downloader.Agent.Hqvr
Ad-Aware: Trojan.GenericKD.38919095
Comodo: Malware@#i6tljpxigyvq
DrWeb: Trojan.DownloaderNET.303
TrendMicro: TrojanSpy.MSIL.NEGASTEAL.RJAHQDL
McAfee-GW-Edition: RDN/Generic Downloader.x
Emsisoft: Trojan.GenericKD.38919095 (B)
Ikarus: Trojan-Downloader.MSIL.Agent
Jiangmin: Trojan.PSW.MSIL.dfgk
Avira: TR/Downloader.MSIL.xpsdh
MAX: malware (ai score=80)
Antiy-AVL: Trojan/Generic.ASMalwS.3527AD6
Kingsoft: Win32.PSWTroj.Undef.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:MSIL/AgentTesla.RV!MTB
GData: Trojan.GenericKD.38919095
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.AgentTesla.C4960529
McAfee: RDN/Generic Downloader.x
VBA32: TScope.Trojan.MSIL
Malwarebytes: Trojan.Downloader.MSIL.Generic
TrendMicro-HouseCall: TrojanSpy.MSIL.NEGASTEAL.RJAHQDL
Rising: Malware.Obfus/MSIL@AI.92 (RDM.MSIL:ebVP2vN02GL5ySOAZOY+sg)
Yandex: Trojan.Igent.bXrkwH.9
SentinelOne: Static AI – Malicious PE
Fortinet: MSIL/Agent.KHM!tr.dldr
BitDefenderTheta: Gen:NN.ZemsilF.34264.hm0@aSSnj3
AVG: Win32:DropperX-gen [Drp]
Panda: Trj/GdSda.A

How to remove MSIL/TrojanDownloader.Agent.KQQ?

MSIL/TrojanDownloader.Agent.KQQ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
