MSIL/TrojanDownloader.Agent.MAE removal instruction

The MSIL/TrojanDownloader.Agent.MAE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/TrojanDownloader.Agent.MAE virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine MSIL/TrojanDownloader.Agent.MAE?


File Info:
name: F3CE762AD43817111C8E.mlw
path: /opt/CAPEv2/storage/binaries/f8fa9f49d2acaf4446713c6c325f34f693f4725ba22f72309bf02e55da6a1d61
crc32: 812871E9
md5: f3ce762ad43817111c8ecdef984e19d2
sha1: 6db99dea1cf83ea188bcf28b0ed2f1cc757cb08f
sha256: f8fa9f49d2acaf4446713c6c325f34f693f4725ba22f72309bf02e55da6a1d61
sha512: e866a8241afd6e10e339fd9740a1459cdc7178818f4020a3d184fc6f57e0250da0a56a5aac6e84d6d958bf1235a4560ba1d448dc784e1118ef77be23f9a0c52a
ssdeep: 96:GlVruO79dkNYqLD8CcPtx4vk+Zyz8g/JxcizFgYKrbd3oj0rl:GlVru49dkNYqLDncP8vkdz8g/JxcISHZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T109C1C001AFEB50DAF23707706BEAB3B716A5F8B1551DA2B8704486589F707D0CC62E71
sha3_384: ccc7564b5e919d8df34c81b05569b1e3d5ae5559bf156495ac12739228843c3ea42d2e59db27a47a13ff5f5e7baf807f
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-07-16 11:12:34

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: file-man.exe
LegalCopyright:  
OriginalFilename: file-man.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/TrojanDownloader.Agent.MAE also known as:

Bkav	W32.AIDetectNet.01
Lionic	Trojan.MSIL.PsDownload.a!c
MicroWorld-eScan	Trojan.GenericKD.61178730
FireEye	Generic.mg.f3ce762ad4381711
ALYac	Trojan.GenericKD.61178730
Alibaba	TrojanDownloader:MSIL/PsDownload.42b96ffd
K7GW	Trojan-Downloader ( 00593c201 )
BitDefenderTheta	Gen:NN.ZemsilF.34582.am0@aiQuTbj
Cyren	W32/MSIL_Agent.DIE.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDownloader.Agent.MAE
Paloalto	generic.ml
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan-Downloader.MSIL.PsDownload.gen
BitDefender	Trojan.GenericKD.61178730
Avast	FileRepMalware [Misc]
Ad-Aware	Trojan.GenericKD.61178730
Emsisoft	Trojan.GenericKD.61178730 (B)
VIPRE	Trojan.GenericKD.61178730
TrendMicro	TROJ_GEN.R002C0WH722
McAfee-GW-Edition	BehavesLike.Win32.Generic.xz
Trapmine	suspicious.low.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.CoinMiner
Avira	HEUR/AGEN.1248855
MAX	malware (ai score=81)
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Trojan.GenericKD.61178730
AhnLab-V3	Trojan/Win.Generic.C5148890
McAfee	Artemis!F3CE762AD438
APEX	Malicious
SentinelOne	Static AI – Malicious PE
Fortinet	MSIL/Agent.MAE!tr
AVG	FileRepMalware [Misc]
CrowdStrike	win/malicious_confidence_90% (W)

How to remove MSIL/TrojanDownloader.Agent.MAE?

MSIL/TrojanDownloader.Agent.MAE removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X