Trojan.MSIL.Agent.DJU removal tips

Trojan.MSIL.Agent.DJU is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.MSIL.Agent.DJU virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the AgentTeslaV2 malware family
  • Checks the CPU name from registry, possibly for anti-virtualization

How to identify Trojan.MSIL.Agent.DJU?


File Info:

name: 1D241DA04A56E3EE3473.mlw
path: /opt/CAPEv2/storage/binaries/0e4546c862a2f464fc82f9db2290df0b72a14c767b2d0c6bc4d7878d5d56cb89
crc32: 169AF9FB
md5: 1d241da04a56e3ee3473d46f8919c12c
sha1: 82c28811817ecedfb2a416747ecbe6d1800344e4
sha256: 0e4546c862a2f464fc82f9db2290df0b72a14c767b2d0c6bc4d7878d5d56cb89
sha512: efa0f4dc9e5e2b269933f51d8c2e6d53f1f8daa3231e9dc47a8b4f0c5792ac1e6f2ce05224f6f1a403639674a11587bf8da145e0b1b4d549111fb020624033f6
ssdeep: 3072:xb/XDMnCorWmOneyFXeiFswvWq8HctD+bWlh2OnLpfIULKM7Y8TkWzq9elEu7ZG5:xrwrdODmI2bWT2O2URE8Tk+WeElGE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F034D0840CEB3FA3F1FFF676BCA695F80BCA6C563D3B87072102CA64A1569645640D39
sha3_384: f34e0018f9d11269d7aa94d17dd862fd0632d9e4bec676ea7904fe381288082b388619b35a78d788b299cfcbd34ebe4b
ep_bytes: ff250020400000000000000000000000
timestamp: 2018-04-04 21:00:22

Version Info:

0: [No Data]

Trojan.MSIL.Agent.DJU also known as:

Bkav: W32.AIDetectNet.01
Lionic: Trojan.Win32.Scarsi.4!c
MicroWorld-eScan: Trojan.MSIL.Agent.DJU
ALYac: Trojan.MSIL.Agent.DJU
Cylance: Unsafe
VIPRE: Trojan.MSIL.Agent.DJU
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00533ba61 )
Alibaba: Trojan:Win32/Kryptik.ali2000016
K7GW: Trojan ( 00533ba61 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/Trojan.BFR.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Kryptik.NNP
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 99)
Kaspersky: Trojan.Win32.Scarsi.asxo
BitDefender: Trojan.MSIL.Agent.DJU
NANO-Antivirus: Trojan.Win32.Scarsi.eznkdl
Avast: Win32:TrojanX-gen [Trj]
Tencent: Win32.Trojan.Scarsi.Ddhl
Ad-Aware: Trojan.MSIL.Agent.DJU
Emsisoft: Trojan.MSIL.Agent.DJU (B)
Comodo: TrojWare.MSIL.Skeeyah.NNP@7nkord
DrWeb: Trojan.PWS.Stealer.19347
Zillya: Trojan.Scarsi.Win32.4612
TrendMicro: TSPY_PASSTEAL.AUSIOJ
McAfee-GW-Edition: Packed-FDD!1D241DA04A56
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.1d241da04a56e3ee
Sophos: ML/PE-A + Troj/MSIL-LDW
Ikarus: Trojan-Spy.Agent
GData: Trojan.MSIL.Agent.DJU
Jiangmin: Trojan.Scarsi.cfw
Webroot: W32.Malware.Gen
Avira: HEUR/AGEN.1202427
MAX: malware (ai score=99)
Arcabit: Trojan.MSIL.Agent.DJU
Microsoft: VirTool:MSIL/Injector
Google: Detected
AhnLab-V3: Trojan/Win32.Injector.C2460854
Acronis: suspicious
McAfee: Packed-FDD!1D241DA04A56
Malwarebytes: Spyware.AgentTesla.MSIL.Generic
TrendMicro-HouseCall: TSPY_PASSTEAL.AUSIOJ
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:4u2UGLg6b1Pd/tFNFak2fg)
Yandex: Trojan.Scarsi!cZ30mMuaf9c
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Kryptik.NNP!tr
BitDefenderTheta: Gen:NN.ZemsilF.34754.pmW@aK9mfTq
AVG: Win32:TrojanX-gen [Trj]
Cybereason: malicious.04a56e
Panda: Trj/GdSda.A

How to remove Trojan.MSIL.Agent.DJU?

Trojan.MSIL.Agent.DJU removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
