About “MSIL:Agent-AK [Drp]” infection

The MSIL:Agent-AK [Drp] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL:Agent-AK [Drp] virus can do?

Authenticode signature is invalid

How to determine MSIL:Agent-AK [Drp]?


File Info:
name: 6F132F0D31E0D62FD2ED.mlw
path: /opt/CAPEv2/storage/binaries/82c018e6bde94c00e99f550ccf149021a048f2edc2973b9e5106995b7b4b1b55
crc32: F9D89726
md5: 6f132f0d31e0d62fd2ed6b3cfce4c71e
sha1: c3ac2c2fa393b8db352941dbae1bb23f7fa97cda
sha256: 82c018e6bde94c00e99f550ccf149021a048f2edc2973b9e5106995b7b4b1b55
sha512: c436b8dd8d66dbbb8bee996392a02e62bef7487f7ff0d6c7ebdee07812b3208604fcf2070a81fdc085fc4b3a88ac8c8e8984e280c2adf3d6c48b6d905c72df6a
ssdeep: 12288:W79ivVthi5kk+I3huihEETzmfRZkdVtyfxbzqxmwsQ7McfxxfXd5AJQPI2rhciRJ:WXEUESA2bRC6h/Pht/zMY9t0DM
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F235493439FA6019B173EFA64BE475DADA2FB7733B07642D105103864723A81DED1A3A
sha3_384: 21b22c6d5305db2676c535bba944f8c5bec211c6cbc0bb92bf6af648e6cf11263f442eca8676f59005510499844394bf
ep_bytes: 00000000000000000000000000000000
timestamp: 2021-11-30 12:55:00

Version Info:
Translation: 0x0000 0x04b0
Comments: atvzKdSRmSejDmP
CompanyName: kdJLnLNuCWASPGs
FileDescription: TMdMDfAOaLpCMnM
FileVersion: 7.8.0.3
InternalName: AUzGYcAX.exe
LegalCopyright: fJXoyGwWWeavMlN
LegalTrademarks: cGfGMZsCkwdkgmK
OriginalFilename: AUzGYcAX.exe
ProductName: knrjhUADTrlaCRY
ProductVersion: 7.8.0.3
Assembly Version: 7.8.0.3

MSIL:Agent-AK [Drp] also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Heur.ManBat.1
FireEye	Generic.mg.6f132f0d31e0d62f
ALYac	Gen:Heur.ManBat.1
CrowdStrike	win/malicious_confidence_90% (W)
Cyren	W32/MSIL_Mintluks.D.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Heur.ManBat.1
Avast	MSIL:Agent-AK [Drp]
Rising	Trojan.Generic@ML.97 (RDMK:H9IA3mZ6/h8a6spzqOVYoA)
Ad-Aware	Gen:Heur.ManBat.1
Emsisoft	Gen:Heur.ManBat.1 (B)
Zillya	Trojan.Generic.Win32.1639141
TrendMicro	TROJ_GEN.R002C0WL321
McAfee-GW-Edition	Artemis!Trojan
Sophos	ML/PE-A
SentinelOne	Static AI – Malicious PE
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Gen:Heur.ManBat.1
Cynet	Malicious (score: 100)
McAfee	Artemis!6F132F0D31E0
MAX	malware (ai score=87)
Malwarebytes	Malware.AI.3232150176
TrendMicro-HouseCall	TROJ_GEN.R002C0WL321
Tencent	Win32.Trojan.Generic.Wptj
Ikarus	Trojan-Dropper.MSIL
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/PossibleThreat
AVG	MSIL:Agent-AK [Drp]
Cybereason	malicious.d31e0d

How to remove MSIL:Agent-AK [Drp]?

MSIL:Agent-AK [Drp] removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X