Trojan

About “MSIL/TrojanDownloader.Agent.NOJ” infection

Malware Removal

The MSIL/TrojanDownloader.Agent.NOJ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What MSIL/TrojanDownloader.Agent.NOJ virus can do?

  • .NET file is packed/obfuscated with Confuser
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to determine MSIL/TrojanDownloader.Agent.NOJ?



File Info:

name: 179E9C53D04C3B66D135.mlw
path: /opt/CAPEv2/storage/binaries/5715421db87e90b962c061ed1a9e6af443f012ddd61d0a0a3450212063416c4d
crc32: 89C2DA46
md5: 179e9c53d04c3b66d135bc6bd4480b75
sha1: 564514e182d9789c5ddb2b687c133e0d89df717a
sha256: 5715421db87e90b962c061ed1a9e6af443f012ddd61d0a0a3450212063416c4d
sha512: 52211cd70925f73ced305fb3e38aca0fe3c14291253083121b485dc0485cb1bddeca8d1cc4e174fdf03a6dfc7e069d5c74efda114ee790a0c6a324f8a9b0e038
ssdeep: 3072:P20wD0UjvezRbaPBlN6jGT1HLBtsIyqS/Jo7H7cggi:P20wQUreFu74jGR7rS/Jo7H7cg
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13AE31288F55CC9C7F9A9D2F78895E2055BAC79464163F3C5EE34A68234863EB09032F7
sha3_384: 9b298a35f738dcfafb077413974083fcf0962a6599119e06d8c9602be82cc0862766c1d0a130e97a0464eb5de281b4e3
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-02-06 21:58:27


Version Info:

Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: d
FileVersion: 1.0.0.0
InternalName: d.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: d.exe
ProductName: d
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/TrojanDownloader.Agent.NOJ also known as:

BkavW32.AIDetectNet.01
LionicTrojan.Win32.Ursu.4!c
DrWebTrojan.Encoder.36005
MicroWorld-eScanGen:Variant.MSILHeracles.36459
FireEyeGeneric.mg.179e9c53d04c3b66
McAfeeArtemis!179E9C53D04C
CylanceUnsafe
VIPREGen:Variant.MSILHeracles.36459
SangforRansom.Win32.Virlock.Vrh2
AlibabaRansom:Win32/PolyRansom.c87d0bae
Cybereasonmalicious.3d04c3
BitDefenderThetaGen:NN.ZemsilF.34698.jm0@aCNkf8f
CyrenW32/MSIL_Agent.EBO.gen!Eldorado
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of MSIL/TrojanDownloader.Agent.NOJ
APEXMalicious
TrendMicro-HouseCallRansom_PolyRansom.R002C0WIU22
Paloaltogeneric.ml
KasperskyTrojan-Ransom.Win32.PolyRansom.bvlp
BitDefenderGen:Variant.MSILHeracles.36459
AvastWin32:Malware-gen
TencentWin32.Trojan.Polyransom.Xwhl
Ad-AwareGen:Variant.MSILHeracles.36459
ComodoMalware@#1o3epucrp1t1h
TrendMicroRansom_PolyRansom.R002C0WIU22
Trapminemalicious.moderate.ml.score
EmsisoftGen:Variant.MSILHeracles.36459 (B)
SentinelOneStatic AI – Malicious PE
GDataGen:Variant.MSILHeracles.36459
GoogleDetected
AviraTR/Dropper.Gen
MAXmalware (ai score=86)
Antiy-AVLTrojan/Generic.ASMalwS.888B
KingsoftWin32.Troj.Undef.(kcloud)
ArcabitTrojan.MSILHeracles.D8E6B
MicrosoftTrojan:Win32/Wacatac.B!ml
CynetMalicious (score: 100)
AhnLab-V3Malware/Win32.RL_Generic.C4276625
Acronissuspicious
ALYacGen:Variant.MSILHeracles.36459
MalwarebytesTrojan.Dropper
RisingTrojan.Generic/MSIL@AI.100 (RDM.MSIL:HsudEQYnWTBZSkdSVZ/zEw)
IkarusTrojan.Inject
MaxSecureTrojan.Malware.189851310.susgen
FortinetW32/PolyRansom.BVLP!tr.ransom
AVGWin32:Malware-gen
PandaTrj/Chgt.AA
CrowdStrikewin/malicious_confidence_100% (W)

How to remove MSIL/TrojanDownloader.Agent.NOJ?

MSIL/TrojanDownloader.Agent.NOJ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment