Backdoor

Backdoor.MSIL.LightStone.dbv removal tips

Malware Removal

The Backdoor.MSIL.LightStone.dbv is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Backdoor.MSIL.LightStone.dbv virus can do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Executed a command line with /C or /R argument to terminate command shell on completion which can be used to hide execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Created a process from a suspicious location

How to determine Backdoor.MSIL.LightStone.dbv?



File Info:

name: E391F16F527DBC8C33DF.mlw
path: /opt/CAPEv2/storage/binaries/930d5897ca02a5145461d7f181a5a6093a3ea5522942b238b7c08f92eb33c64b
crc32: 93ED44BD
md5: e391f16f527dbc8c33df3890f08c59b9
sha1: f947dbe5f038e5e01cd73d3453637307739d0bbe
sha256: 930d5897ca02a5145461d7f181a5a6093a3ea5522942b238b7c08f92eb33c64b
sha512: f13b05543ba849c2b644bbf1ca6e16ae6975a7aabf6d77dc0290728ece05d7d5a91db31fa2925f84519fa09a3805068f4e89c99d3fd1ccea20e2df5457398445
ssdeep: 98304:E5aF/gPckoyti5pmT4XgOGsZHihIIuwC9FgJRfu+ZR4nRW0e3ZZxiqZ77:E5aF/QyJXhHiQHUfBR4Re3Zt7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E83633E0A4E74277C29B133D1BCA7BE137FD9A282317969B53914F07DD803E6832A255
sha3_384: 19df4afa8fae59eeefd212aec255593ed2edb1520a6731913748a40c77e1a5d41ca83e2444e2dbe3c76e7c3d9fdfabfb
ep_bytes: 558bec6aff6880fa410068f0c4410064
timestamp: 2016-04-02 22:14:34


Version Info:

ProductName: Google Update
Comments: Copyright 2018 Google LLC
FileVersion: 1.3.36.82
OriginalFilename: GoogleUpdateSetup.exe
FileDescription: Google Update Setup
ProductVersion: 1.3.36.82
Created: 7z SFX Constructor v4.5.0.0 (http://usbtor.ru/viewtopic.php?t=798)
Builder: Alex 18:36:49 24/05/2021
Translation: 0x0000 0x04b0

Backdoor.MSIL.LightStone.dbv also known as:

BkavW32.AIDetect.malware2
LionicTrojan.MSIL.LightStone.m!c
MicroWorld-eScanTrojan.GenericKD.37047872
FireEyeGeneric.mg.e391f16f527dbc8c
McAfeeArtemis!E391F16F527D
CylanceUnsafe
SangforBackdoor.MSIL.LightStone.dbv
AlibabaBackdoor:Win32/LightStone.70d71905
K7GWRiskware ( 0040eff71 )
K7AntiVirusRiskware ( 0040eff71 )
CyrenW32/Trojan.BEUN-2905
ESET-NOD32BAT/TrojanDropper.Agent.NFZ
Paloaltogeneric.ml
ClamAVWin.Malware.Bulz-9866401-0
KasperskyBackdoor.MSIL.LightStone.dbv
BitDefenderTrojan.GenericKD.37047872
AvastWin32:Trojan-gen
TencentMsil.Backdoor.Lightstone.Ajuv
Ad-AwareTrojan.GenericKD.37047872
EmsisoftTrojan.GenericKD.37047872 (B)
ComodoMalware@#3gqw6t96z8op2
DrWebTrojan.Starter.8002
VIPRETrojan.Win32.Generic!BT
TrendMicroTROJ_GEN.F0CBC0UH521
SophosMal/Generic-S + Troj/Agent-BGQN
APEXMalicious
JiangminTrojan/CoinMiner.ab.a
WebrootW32.Trojan.Gen
AviraBDS/Redcap.pdtul
KingsoftWin32.Hack.Undef.(kcloud)
ArcabitTrojan.Generic.D2354E40
MicrosoftTrojan:Win32/Reline.AMH!MTB
CynetMalicious (score: 99)
AhnLab-V3Malware/Win.Generic.C4493427
VBA32Trojan.Hesv
ALYacTrojan.GenericKD.37047872
MalwarebytesMalware.AI.4284349141
YandexBackdoor.LightStone!w+vbbPvaato
IkarusBackdoor.Win32.DCRat
MaxSecureTrojan.Malware.118307139.susgen
FortinetBAT/Agent.NFZ!tr
AVGWin32:Trojan-gen
PandaTrj/CI.A

How to remove Backdoor.MSIL.LightStone.dbv?

Backdoor.MSIL.LightStone.dbv removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment