Categories: Backdoor

What is “Backdoor.MSIL.LightStone.vho”?

The Backdoor.MSIL.LightStone.vho is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Backdoor.MSIL.LightStone.vho virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Anomalous binary characteristics

How to determine Backdoor.MSIL.LightStone.vho?



File Info:

crc32: F5AB9AB7md5: b4d3e1015a75160bb9327827b5ae718ename: B4D3E1015A75160BB9327827B5AE718E.mlwsha1: abac0126f87cba46c299f799e37e10c4c9ce32d3sha256: d45b0a5f7c128ab927e21c7e9e4d440ff0037c0c95961e1a6fb3e6eedcc4e60fsha512: c7e3308aec1fde46994de170dbb27151975bc784150abd1f6d621436354d330f77586b7282d7a804a419b372514d2e15b9aad1900bd17fd40cfbe86f1e5ac471ssdeep: 24576:dCBnMb0kW3m97hcz6FYetxPEu/MnOuv5zvkCOsqnitdyHnk542tbjxuU3:QBMAktRhZjTPlWJxQnN0ZAKtype: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Backdoor.MSIL.LightStone.vho also known as:

Bkav W32.AIDetect.malware1
Elastic malicious (high confidence)
FireEye Generic.mg.b4d3e1015a75160b
McAfee Artemis!B4D3E1015A75
Cylance Unsafe
Sangfor Trojan.Win32.Save.a
Cybereason malicious.6f87cb
BitDefenderTheta Gen:NN.ZexaF.34608.nDW@aCTL@api
Symantec ML.Attribute.HighConfidence
Avast Win32:Malware-gen
Kaspersky HEUR:Backdoor.MSIL.LightStone.vho
Alibaba Packed:Win32/EnigmaProtector.bb2b496e
Rising PUF.Pack-Enigma!1.BA33 (CLOUD)
Sophos ML/PE-A
McAfee-GW-Edition BehavesLike.Win32.Generic.tc
Ikarus PUA.Packed.Enigma
Avira HEUR/AGEN.1137410
Microsoft Program:Win32/Wacapew.C!ml
Cynet Malicious (score: 100)
ESET-NOD32 a variant of Win32/Packed.EnigmaProtector.J suspicious
Acronis suspicious
VBA32 Trojan.Zpevdo
Malwarebytes Backdoor.Bladabindi
APEX Malicious
SentinelOne Static AI – Suspicious PE
AVG Win32:Malware-gen
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)
Qihoo-360 Win32/Trojan.Generic.HxIBtH8A

How to remove Backdoor.MSIL.LightStone.vho?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: Backdoor.MSIL.LightStone.vho
3 years ago

Recent Posts

Barys.385087 removal guide

The Barys.385087 is considered dangerous by lots of security experts. When this infection is active,…

4 mins ago

PWS:Win32/Chyup.B malicious file

The PWS:Win32/Chyup.B is considered dangerous by lots of security experts. When this infection is active,…

10 mins ago

Trojan.Win32.Agent.xboakk removal

The Trojan.Win32.Agent.xboakk is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago

About “Worm.Win32.Vobfus.efoh” infection

The Worm.Win32.Vobfus.efoh is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago

Generic.Malware.Lco.500CC679 removal tips

The Generic.Malware.Lco.500CC679 is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago

Trojan:Win32/Plugx.B malicious file

The Trojan:Win32/Plugx.B is considered dangerous by lots of security experts. When this infection is active,…

2 hours ago