Trojan-Dropper.MSIL.Agent.seskqu (file analysis)

Trojan-Dropper.MSIL.Agent.seskqu is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Dropper.MSIL.Agent.seskqu virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan-Dropper.MSIL.Agent.seskqu?


File Info:

name: D97A38C3BEA371DA6D9D.mlw
path: /opt/CAPEv2/storage/binaries/df9df29f3c0d3af0e23a5f32be956469661f8f4006162442737452f5c5709744
crc32: 9B88DEBB
md5: d97a38c3bea371da6d9dfaee99ed039d
sha1: 1fec3033a83b2ceea2f34bf81fc0929d2570fbdd
sha256: df9df29f3c0d3af0e23a5f32be956469661f8f4006162442737452f5c5709744
sha512: 781c60f7af50fd41985afec6a8cc994656505c676a83624e624821a999a92bbb7d0924e06cd4171dbcbed436d34bfae5c865c9b9b6d31acb0f3c48877e34ea1d
ssdeep: 49152:M5/OQG3yFeR32rb/TivO90dL3BmAFd4A64nsfJJP1CuuWxN7GfMqmPNVqbmQqr+p:M5ba3gPkk
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T17726D007BC9064B9C5E9C2338DB9B29176B1B858173167C72F50A6BA2FB37D40E35398
sha3_384: 2b5bd479d467960772021d2f6b52f030743061a32d02bad2dc8c3f83814f6fb8de491ef03949671f39bc02f4da411797
ep_bytes: e97bc3ffffcccccccccccccccccccccc
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Trojan-Dropper.MSIL.Agent.seskqu also known as:

Lionic: Trojan.Win32.Cobalt.trRF
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen15.49928
MicroWorld-eScan: Trojan.GenericKD.38090586
FireEye: Trojan.GenericKD.38090586
McAfee: Artemis!D97A38C3BEA3
Cylance: Unsafe
K7AntiVirus: Trojan ( 00580cbe1 )
Alibaba: TrojanDropper:MSIL/GoCLR.8d740070
K7GW: Trojan ( 00580cbe1 )
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of WinGo/GoCLR.B
TrendMicro-HouseCall: TROJ_GEN.R002C0WKP21
Kaspersky: Trojan-Dropper.MSIL.Agent.seskqu
BitDefender: Trojan.GenericKD.38090586
Avast: Win64:Trojan-gen
Tencent: Win32.Trojan.Goclr.Wsjy
Ad-Aware: Trojan.GenericKD.38090586
Sophos: Mal/Generic-S
TrendMicro: TROJ_GEN.R002C0WKP21
McAfee-GW-Edition: BehavesLike.Win64.Generic.rh
Emsisoft: Trojan.GenericKD.38090586 (B)
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.38090586
eGambit: Unsafe.AI_Score_100%
Avira: HEUR/AGEN.1145496
MAX: malware (ai score=87)
Antiy-AVL: Trojan/Generic.ASMalwS.34D5FA5
Kingsoft: Win32.Troj.Generic_a.a.(kcloud)
Arcabit: Trojan.Generic.D245375A
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
VBA32: TrojanDropper.MSIL.Agent
ALYac: Trojan.GenericKD.38090586
Malwarebytes: Trojan.Dropper.GO
APEX: Malicious
Rising: HackTool.GoCLR!1.D71D (CLASSIC)
Ikarus: Trojan.WinGo.Goclr
Fortinet: W64/GoCLR.B!tr
AVG: Win64:Trojan-gen
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Trojan-Dropper.MSIL.Agent.seskqu?

Trojan-Dropper.MSIL.Agent.seskqu removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.