The MSIL/TrojanDropper.Agent.CHC is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
What MSIL/TrojanDropper.Agent.CHC virus can do?
File Info:
name: 30A744B0FB9FE503A5E2.mlwpath: /opt/CAPEv2/storage/binaries/5ef5f0eab4b06b2ba6e28175536f04f98f2dcd0bf67a0b9e21903985e2828dd4crc32: 846C32DDmd5: 30a744b0fb9fe503a5e21e1705b3b44esha1: 0a8d8e4ee20e6cc38e713d740799995bb67d5ba5sha256: 5ef5f0eab4b06b2ba6e28175536f04f98f2dcd0bf67a0b9e21903985e2828dd4sha512: fb7ba9d72ff2bde2742e4a24156be165f59591cf39c576393aa2876c4ce5898c878036b6d60ff2625d942570216aec605301157f784d7f39d88a8a51c62b9394ssdeep: 768:mjAI8xgo0WYTf3iTr08w2e0dguJcF4Qhc4VjsS8jdYKNu6LUEXcgA0:I8SbWYL3iH08w2r2hBjsVw18ztype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T19273662629FB109DF3A79EB21FC9F8FF886AE977551D30B631411B068722E408D52736sha3_384: 9858d6ac4cfb06720a7a22abbd5f453ed154a0e06978d3a77fefb24f21b66b7d12003d1dcbead4f6d7dc930303be7a61ep_bytes: ff250020400000000000000000000000timestamp: 2016-03-11 11:54:52Version Info:
Translation: 0x0000 0x04b0CompanyName: MicrosoftFileDescription: WindowsApplication1FileVersion: 1.0.0.0InternalName: WindowsApplication1.exeLegalCopyright: Copyright © Microsoft 2016OriginalFilename: WindowsApplication1.exeProductName: WindowsApplication1ProductVersion: 1.0.0.0Assembly Version: 1.0.0.0
Bkav | W32.AIDetectNet.01 |
Lionic | Heuristic.File.Generic.00×1!p |
DrWeb | BackDoor.Bladabindi.13334 |
MicroWorld-eScan | Gen:Trojan.Heur.DNP.eq0@ayKyRjf |
FireEye | Generic.mg.30a744b0fb9fe503 |
CAT-QuickHeal | Backdoor.Fynloski.A3 |
ALYac | Gen:Trojan.Heur.DNP.eq0@ayKyRjf |
Cylance | Unsafe |
VIPRE | Gen:Trojan.Heur.DNP.eq0@ayKyRjf |
Sangfor | Backdoor.Win32.Bladabindi.8 |
CrowdStrike | win/malicious_confidence_100% (W) |
Alibaba | Backdoor:MSIL/Bladabindi.4ea3f88c |
K7GW | Trojan ( 0055e3de1 ) |
K7AntiVirus | Trojan ( 0055e3de1 ) |
BitDefenderTheta | AI:Packer.0DBC8CF21F |
VirIT | Backdoor.Win32.Bladabindi.TSW |
Cyren | W32/MSIL_Kryptik.CWS.gen!Eldorado |
Symantec | ML.Attribute.HighConfidence |
Elastic | malicious (high confidence) |
ESET-NOD32 | a variant of MSIL/TrojanDropper.Agent.CHC |
APEX | Malicious |
Paloalto | generic.ml |
ClamAV | Win.Packed.Ursu-8015308-0 |
Kaspersky | HEUR:Backdoor.MSIL.Generic |
BitDefender | Gen:Trojan.Heur.DNP.eq0@ayKyRjf |
NANO-Antivirus | Trojan.Win32.Bladabindi.eaybhr |
Avast | Win32:Malware-gen |
Tencent | Malware.Win32.Gencirc.114c0426 |
Ad-Aware | Gen:Trojan.Heur.DNP.eq0@ayKyRjf |
Sophos | ML/PE-A |
Comodo | TrojWare.MSIL.Agent.GH@60rvah |
Zillya | Dropper.Agent.Win32.240225 |
TrendMicro | TROJ_GEN.R067C0DHJ22 |
McAfee-GW-Edition | BackDoor-NJRat.a |
Emsisoft | Gen:Trojan.Heur.DNP.eq0@ayKyRjf (B) |
SentinelOne | Static AI – Malicious PE |
Detected | |
Avira | HEUR/AGEN.1241429 |
Antiy-AVL | Trojan/Generic.ASMalwS.19D4 |
Microsoft | Backdoor:MSIL/Bladabindi.B |
Arcabit | Trojan.Heur.DNP.ED4140 |
GData | Gen:Trojan.Heur.DNP.eq0@ayKyRjf |
Cynet | Malicious (score: 99) |
Acronis | suspicious |
McAfee | BackDoor-NJRat.a |
MAX | malware (ai score=83) |
Malwarebytes | Malware.AI.3192193298 |
Rising | Trojan.Generic/MSIL@AI.90 (RDM.MSIL:ivoEFGD4c1SiW2gomTl43Q) |
Yandex | Trojan.Disfa!FJOzrr6qDZU |
Ikarus | Trojan-PSW.ILUSpy |
MaxSecure | Trojan.Malware.300983.susgen |
Fortinet | MSIL/Injector.NXR!tr |
AVG | Win32:Malware-gen |
Cybereason | malicious.0fb9fe |
Panda | Trj/GdSda.A |
The Malware.AI.3856697558 is considered dangerous by lots of security experts. When this infection is active,…
The BrowseFox.Adware.AdInjector.DDS is considered dangerous by lots of security experts. When this infection is active,…
The Win32:AutoRun-BSW [Wrm] is considered dangerous by lots of security experts. When this infection is…
The MSIL/TrojanDownloader.Agent.QQN is considered dangerous by lots of security experts. When this infection is active,…
The Malware.AI.975225574 is considered dangerous by lots of security experts. When this infection is active,…
The Ursu.840201 is considered dangerous by lots of security experts. When this infection is active,…