Should I remove “UDS:Trojan-Downloader.MSIL.Agent.sb”?

UDS:Trojan-Downloader.MSIL.Agent.sb is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the UDS:Trojan-Downloader.MSIL.Agent.sb virus do?

  • Executable code extraction
  • Creates RWX memory
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Attempts to create or modify system certificates

Related domains:

pastebin.com

How to identify UDS:Trojan-Downloader.MSIL.Agent.sb?


File Info:

crc32: D3B17A63
md5: e00566a3991b695afa9b113ec46fe903
name: E00566A3991B695AFA9B113EC46FE903.mlw
sha1: 5dbee7cbffaeb63f3a97e13cf3662835cc3134ff
sha256: 037ef76c667717f51fe0755b57c089ba73ea24cd8bcb5dce18fc1c8b6b76e18d
sha512: 528c9cf5e58c44b4e0cb456c602e4d18be6470bc5375d2e0891e8de577f4af66eaeab5e8d3671a0dfbef64a86e67f2014aa359a268a66567d1b3094f5a784726
ssdeep: 3072:tykG8VNOqv3aVm7oVss48OUBgLxQLAECv1cTroDxiuSU22Y1WlV:tyJcaM8OUBgL2UV6TQx/S72A2
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2017
Assembly Version: 1.0.0.0
InternalName: ConsoleApp1.exe
FileVersion: 1.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName: ConsoleApp1
ProductVersion: 1.0.0.0
FileDescription: ConsoleApp1
OriginalFilename: ConsoleApp1.exe

UDS:Trojan-Downloader.MSIL.Agent.sb also known as:

Lionic: Trojan.MSIL.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader23.45375
ClamAV: Win.Packed.Confuser-7052940-0
ALYac: Trojan.GenericKD.40252106
Sangfor: Trojan.MSIL.Confuser.mt
CrowdStrike: win/malicious_confidence_80% (D)
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: UDS:Trojan-Downloader.MSIL.Agent.sb
BitDefender: Trojan.GenericKD.40252106
NANO-Antivirus: Trojan.Win32.Mlw.fcfwah
MicroWorld-eScan: Trojan.GenericKD.40252106
Tencent: Msil.Trojan.Generic.Afgv
Ad-Aware: Trojan.GenericKD.40252106
Sophos: Generic ML PUA (PUA)
Comodo: Malware@#2zy7isy04nw2l
BitDefenderTheta: Gen:NN.ZemsilF.34294.im0@amQ7XNb
FireEye: Generic.mg.e00566a3991b695a
Emsisoft: Trojan.GenericKD.40252106 (B)
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASBOL.38BB
Microsoft: Backdoor:Win32/Bladabindi!ml
Arcabit: Trojan.Generic.D26632CA
GData: Trojan.GenericKD.40252106
AhnLab-V3: Trojan/Win32.Tiny.C2303539
McAfee: Artemis!E00566A3991B
MAX: malware (ai score=94)
Panda: Trj/CI.A
Ikarus: Trojan.MSIL.Bladabindi
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Generic!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove UDS:Trojan-Downloader.MSIL.Agent.sb?

UDS:Trojan-Downloader.MSIL.Agent.sb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
