MSIL/TrojanDropper.Agent.FCJ removal guide

The MSIL/TrojanDropper.Agent.FCJ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/TrojanDropper.Agent.FCJ virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous binary characteristics

How to determine MSIL/TrojanDropper.Agent.FCJ?


File Info:
name: F2D5D5AB270657820FB5.mlw
path: /opt/CAPEv2/storage/binaries/b726cbcd6add0828af2cfe87b6e147a98aef43b65b4e85c45e754314f8e63118
crc32: 16787A3D
md5: f2d5d5ab270657820fb54c6f97ed61f2
sha1: da717cf539df0c8db0528bfdc2544a34cfbc9aa4
sha256: b726cbcd6add0828af2cfe87b6e147a98aef43b65b4e85c45e754314f8e63118
sha512: 10b11eb0e98f9d500ed29c86981a3a13f002b11485d8e2d89dc9c81ac6eebf4f10e9edee3509a23c16c67fd8846f1dea0abf0616195f3b45f88e06b34724a0e0
ssdeep: 12288:N9YG8IG4lXC3DcRU8GXAHM5iv7JSuV5Kh:BLCzBuXg
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T1E13502EDE40C9863C379A53AC3FF3E29932445930603DC85A1A275E43B53B56BE4A85F
sha3_384: d04584184ab17f3c6a008d82b79aa07e6f39a4bf9c005dc4cc9bd5fa25b1dc88b5ba6a3c773d7b56d8d024a8c79e5ece
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2021-12-02 17:08:20

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Krash
FileVersion: 1.0.0.0
InternalName: Krash.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: Krash.exe
ProductName: Krash
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/TrojanDropper.Agent.FCJ also known as:

Lionic	Trojan.MSIL.Bladabindi.m!c
Elastic	malicious (high confidence)
DrWeb	BackDoor.Bladabindi.16104
FireEye	Generic.mg.f2d5d5ab27065782
McAfee	Artemis!F2D5D5AB2706
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 0058b5471 )
Alibaba	Backdoor:MSIL/Bladabindi.e681e53e
K7GW	Trojan ( 0058b5471 )
Symantec	Trojan.Gen.2
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.FCJ
TrendMicro-HouseCall	TROJ_GEN.R002H0DL821
Paloalto	generic.ml
Kaspersky	HEUR:Backdoor.MSIL.Bladabindi.gen
Avast	Win64:DropperX-gen [Drp]
Tencent	Malware.Win32.Gencirc.10cf977e
Zillya	Dropper.Agent.Win32.467522
McAfee-GW-Edition	Artemis!Trojan
Sophos	Mal/Generic-S
Ikarus	Trojan-Dropper.MSIL.Agent
Avira	TR/Drop.Agent.xxkrs
Gridinsoft	Ransom.Win64.Sabsik.sa
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	MSIL.Backdoor.Nancat.CI907O
Cynet	Malicious (score: 99)
VBA32	Backdoor.MSIL.Bladabindi
Malwarebytes	Malware.AI.3593143627
APEX	Malicious
SentinelOne	Static AI – Malicious PE
Fortinet	MSIL/Agent.FCJ!tr
Webroot	W32.Trojan.Gen
AVG	Win64:DropperX-gen [Drp]
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove MSIL/TrojanDropper.Agent.FCJ?

MSIL/TrojanDropper.Agent.FCJ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X