Categories: Trojan

MSIL/TrojanDropper.Agent.CHC removal instruction

The MSIL/TrojanDropper.Agent.CHC is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What MSIL/TrojanDropper.Agent.CHC virus can do?

CAPE extracted potentially suspicious content
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine MSIL/TrojanDropper.Agent.CHC?


File Info:
name: 30A744B0FB9FE503A5E2.mlwpath: /opt/CAPEv2/storage/binaries/5ef5f0eab4b06b2ba6e28175536f04f98f2dcd0bf67a0b9e21903985e2828dd4crc32: 846C32DDmd5: 30a744b0fb9fe503a5e21e1705b3b44esha1: 0a8d8e4ee20e6cc38e713d740799995bb67d5ba5sha256: 5ef5f0eab4b06b2ba6e28175536f04f98f2dcd0bf67a0b9e21903985e2828dd4sha512: fb7ba9d72ff2bde2742e4a24156be165f59591cf39c576393aa2876c4ce5898c878036b6d60ff2625d942570216aec605301157f784d7f39d88a8a51c62b9394ssdeep: 768:mjAI8xgo0WYTf3iTr08w2e0dguJcF4Qhc4VjsS8jdYKNu6LUEXcgA0:I8SbWYL3iH08w2r2hBjsVw18ztype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T19273662629FB109DF3A79EB21FC9F8FF886AE977551D30B631411B068722E408D52736sha3_384: 9858d6ac4cfb06720a7a22abbd5f453ed154a0e06978d3a77fefb24f21b66b7d12003d1dcbead4f6d7dc930303be7a61ep_bytes: ff250020400000000000000000000000timestamp: 2016-03-11 11:54:52
Version Info:
Translation: 0x0000 0x04b0CompanyName: MicrosoftFileDescription: WindowsApplication1FileVersion: 1.0.0.0InternalName: WindowsApplication1.exeLegalCopyright: Copyright © Microsoft 2016OriginalFilename: WindowsApplication1.exeProductName: WindowsApplication1ProductVersion: 1.0.0.0Assembly Version: 1.0.0.0

MSIL/TrojanDropper.Agent.CHC also known as:

Bkav	W32.AIDetectNet.01
Lionic	Heuristic.File.Generic.00×1!p
DrWeb	BackDoor.Bladabindi.13334
MicroWorld-eScan	Gen:Trojan.Heur.DNP.eq0@ayKyRjf
FireEye	Generic.mg.30a744b0fb9fe503
CAT-QuickHeal	Backdoor.Fynloski.A3
ALYac	Gen:Trojan.Heur.DNP.eq0@ayKyRjf
Cylance	Unsafe
VIPRE	Gen:Trojan.Heur.DNP.eq0@ayKyRjf
Sangfor	Backdoor.Win32.Bladabindi.8
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Backdoor:MSIL/Bladabindi.4ea3f88c
K7GW	Trojan ( 0055e3de1 )
K7AntiVirus	Trojan ( 0055e3de1 )
BitDefenderTheta	AI:Packer.0DBC8CF21F
VirIT	Backdoor.Win32.Bladabindi.TSW
Cyren	W32/MSIL_Kryptik.CWS.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.CHC
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Packed.Ursu-8015308-0
Kaspersky	HEUR:Backdoor.MSIL.Generic
BitDefender	Gen:Trojan.Heur.DNP.eq0@ayKyRjf
NANO-Antivirus	Trojan.Win32.Bladabindi.eaybhr
Avast	Win32:Malware-gen
Tencent	Malware.Win32.Gencirc.114c0426
Ad-Aware	Gen:Trojan.Heur.DNP.eq0@ayKyRjf
Sophos	ML/PE-A
Comodo	TrojWare.MSIL.Agent.GH@60rvah
Zillya	Dropper.Agent.Win32.240225
TrendMicro	TROJ_GEN.R067C0DHJ22
McAfee-GW-Edition	BackDoor-NJRat.a
Emsisoft	Gen:Trojan.Heur.DNP.eq0@ayKyRjf (B)
SentinelOne	Static AI – Malicious PE
Google	Detected
Avira	HEUR/AGEN.1241429
Antiy-AVL	Trojan/Generic.ASMalwS.19D4
Microsoft	Backdoor:MSIL/Bladabindi.B
Arcabit	Trojan.Heur.DNP.ED4140
GData	Gen:Trojan.Heur.DNP.eq0@ayKyRjf
Cynet	Malicious (score: 99)
Acronis	suspicious
McAfee	BackDoor-NJRat.a
MAX	malware (ai score=83)
Malwarebytes	Malware.AI.3192193298
Rising	Trojan.Generic/MSIL@AI.90 (RDM.MSIL:ivoEFGD4c1SiW2gomTl43Q)
Yandex	Trojan.Disfa!FJOzrr6qDZU
Ikarus	Trojan-PSW.ILUSpy
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Injector.NXR!tr
AVG	Win32:Malware-gen
Cybereason	malicious.0fb9fe
Panda	Trj/GdSda.A