MSIL/TrojanDropper.Agent.FPU malicious file

The MSIL/TrojanDropper.Agent.FPU is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/TrojanDropper.Agent.FPU virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine MSIL/TrojanDropper.Agent.FPU?


File Info:
name: 9668D3844BF9E72548AB.mlw
path: /opt/CAPEv2/storage/binaries/c0f68c78f901baabf643634907a305743664dcabfec78ec6c46b4e4eb8b1c0ff
crc32: EEB195FB
md5: 9668d3844bf9e72548ab2f7a279578d1
sha1: 494c98e995147efba2e522ba7e96f1669868827c
sha256: c0f68c78f901baabf643634907a305743664dcabfec78ec6c46b4e4eb8b1c0ff
sha512: 7573174997c5f1810904d8c7c9e637ecbc8c31b607014458fc65c9b681d35653674fb5d9a8147fecc8d8160b92964306412ee42ef3c62958b5d4efcb2a4780ab
ssdeep: 1536:tLCXyHdJ5SLuNv7xjrrGTObmTEAzk8Y5QuZU5vNUZLUAH6qeS0yX9Hrc:tLCXyBSqF7xjrKKbmoAItQuZUNSZLKqe
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B98302243FA8C36AF1B72EBE0CDC3B4559F963565622114D3AE3426BCE13B50C760A79
sha3_384: cbc47d221cfcfbd04df755d6481907a32738837c2b0c96b1ff3a3c9af9340bfbec8cab43bd25a3bdb312b993f0a13944
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-09-16 08:37:49

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: veni.pdf
LegalCopyright:  
OriginalFilename: veni.pdf
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/TrojanDropper.Agent.FPU also known as:

Cynet	Malicious (score: 100)
ALYac	IL:Trojan.MSILZilla.20149
Cylance	unsafe
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.995147
Cyren	W32/Azorult.D.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.FPU
APEX	Malicious
Kaspersky	HEUR:Trojan.MSIL.Agent.gen
BitDefender	IL:Trojan.MSILZilla.20149
MicroWorld-eScan	IL:Trojan.MSILZilla.20149
Avast	Win32:CrypterX-gen [Trj]
Rising	Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:fgPfNjCqlHvWr/dbbhimRA)
Emsisoft	IL:Trojan.MSILZilla.20149 (B)
F-Secure	Trojan.TR/Dropper.Gen
VIPRE	IL:Trojan.MSILZilla.20149
Trapmine	malicious.moderate.ml.score
FireEye	Generic.mg.9668d3844bf9e725
Sophos	ML/PE-A
SentinelOne	Static AI – Malicious PE
Avira	TR/Dropper.Gen
Microsoft	Trojan:MSIL/AsyncRAT.Z!MTB
Arcabit	IL:Trojan.MSILZilla.D4EB5
ZoneAlarm	HEUR:Trojan.MSIL.Agent.gen
GData	IL:Trojan.MSILZilla.20149
Google	Detected
AhnLab-V3	Trojan/Win.Generic.C5173441
MAX	malware (ai score=86)
Malwarebytes	MachineLearning/Anomalous.96%
Ikarus	Trojan.MSIL.Krypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/GenKryptik.FVDD!tr
BitDefenderTheta	Gen:NN.ZemsilF.36662.fm0@aykRiYd
AVG	Win32:CrypterX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove MSIL/TrojanDropper.Agent.FPU?

MSIL/TrojanDropper.Agent.FPU removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X