‘Trojan-Dropper.MSIL.Agent’ removal guide

The ‘Trojan-Dropper.MSIL.Agent’ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What ‘Trojan-Dropper.MSIL.Agent’ virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics
Binary compilation timestomping detected

How to determine ‘Trojan-Dropper.MSIL.Agent’?


File Info:
name: 8082A3D3F3EFEE753E0A.mlw
path: /opt/CAPEv2/storage/binaries/269805cd24da9d394983bf2410a4dd7d3d64b08a2d35c0c2b7fcf1cb29deab50
crc32: 39B5F8C7
md5: 8082a3d3f3efee753e0a2227dab2ba00
sha1: 9f7bf09ea99d37f93d76beff754f102884b84d1f
sha256: 269805cd24da9d394983bf2410a4dd7d3d64b08a2d35c0c2b7fcf1cb29deab50
sha512: 3ecd63502fcbdeb0f9877e68f340e2f5237d5348d102901e9a0e51fea02ae1126feaa197656a5ec7fffde4822525c1efcee6b198d775b6536dcafcccc26e975c
ssdeep: 12288:ap3CCtU2xYgWF2xTxchnlfmCsGfsnEPGvNQ1RMYs:aM4W8clcCsGf0lt
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T16BF48DFAB90D6A63C6386E7940DF1DA437B444130712E94AFC1830F5EA52A4B6EC3D5B
sha3_384: 79406370272defac38533e1302cf3319fe5b3c19d5f64b1190ebcdf4bde1d290700f2acfd4342cdf2b75df9c82c0efb8
ep_bytes: 4d5a90000300000004000000ffff0000
timestamp: 2104-05-08 04:46:11

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Bot
FileVersion: 1.0.0.0
InternalName: Bot.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: Bot.exe
ProductName: Bot
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

‘Trojan-Dropper.MSIL.Agent’ also known as:

Lionic	Trojan.MSIL.Bladabindi.m!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.47644521
FireEye	Generic.mg.8082a3d3f3efee75
McAfee	Artemis!8082A3D3F3EF
Cylance	Unsafe
K7AntiVirus	Trojan ( 0058b8771 )
Alibaba	Trojan:MSIL/DropperX.0da1d3e3
K7GW	Trojan ( 0058b8771 )
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	Backdoor.Ratenjay
ESET-NOD32	a variant of MSIL/TrojanDropper.Agent.FIP
APEX	Malicious
Paloalto	generic.ml
Kaspersky	‘HEUR:Trojan-Dropper.MSIL.Agent.gen’
BitDefender	Trojan.GenericKD.47644521
Avast	Win64:DropperX-gen [Drp]
Tencent	Malware.Win32.Gencirc.10cf9d60
Ad-Aware	Trojan.GenericKD.47644521
Emsisoft	Trojan.GenericKD.47644521 (B)
DrWeb	BackDoor.Bladabindi.16104
Zillya	Dropper.Agent.Win32.467749
TrendMicro	TROJ_GEN.R011C0WLF21
McAfee-GW-Edition	BehavesLike.Win64.Autorun.bh
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Avira	TR/Drop.Agent.mcexq
Gridinsoft	Ransom.Win64.Bladabindi.sa
Microsoft	Trojan:Script/Phonzy.C!ml
GData	MSIL.Backdoor.Bladabindi.TKY35G
Cynet	Malicious (score: 100)
AhnLab-V3	Dropper/Win.DropperX-gen.C4845626
ALYac	Trojan.GenericKD.47644521
MAX	malware (ai score=82)
VBA32	Backdoor.MSIL.Bladabindi
Malwarebytes	Trojan.Dropper
TrendMicro-HouseCall	TROJ_GEN.R011C0WLF21
Ikarus	Trojan-Dropper.MSIL.Agent
MaxSecure	Trojan.Malware.73686729.susgen
Fortinet	MSIL/Agent.FIP!tr
Webroot	W32.Trojan.Dropper
AVG	Win64:DropperX-gen [Drp]
Cybereason	malicious.ea99d3
Panda	Trj/CI.A

How to remove ‘Trojan-Dropper.MSIL.Agent’?

'Trojan-Dropper.MSIL.Agent' removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X