Backdoor.MSIL.ReverseShell.i information

The Backdoor.MSIL.ReverseShell.i is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Backdoor.MSIL.ReverseShell.i virus can do?

Authenticode signature is invalid
Anomalous binary characteristics
Binary compilation timestomping detected

How to determine Backdoor.MSIL.ReverseShell.i?


File Info:
name: C27139841E5FF1AE91F5.mlw
path: /opt/CAPEv2/storage/binaries/6b7f7e741e88caa8d61d8eed79890b0272f888261c72dbaa5391e6990172be10
crc32: C87914F8
md5: c27139841e5ff1ae91f57ceb4fedc621
sha1: 2e77d8e3ca8fb8bff0fd39a2c8fdbc3d163a8482
sha256: 6b7f7e741e88caa8d61d8eed79890b0272f888261c72dbaa5391e6990172be10
sha512: 8366663843c47779d85f22ae25114e8329365e6a289dab1e09c0cc915b51d99b2e2868a2a0e9079ab60154ffe1a144c0b0f21ef270aad003ca229dda8a44f91f
ssdeep: 96:eo2H5MqOxVlKmYnII2P4HMxOBCb1brkSnMF/yZuwun/SP9ezNt:en5+Yk4CbBcKsFnE4
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T106D1C522F3D48336CCA60AB4EDA2634057B4EB958D67EF6E3C88E5476C873144622771
sha3_384: 85348bbb09fc8fa4147d5f3ea29947ac2ce45e3eca914332b761b93364918bcc2c6aa425f61e81df4e8eb07c9d2fa2e1
ep_bytes: ff250020400000000000000000000000
timestamp: 2049-08-20 17:30:57

Version Info:
Translation: 0x0000 0x04b0
CompanyName: ConsoleApp1
FileDescription: ConsoleApp1
FileVersion: 1.0.0.0
InternalName: ConsoleApp1.dll
LegalCopyright:  
OriginalFilename: ConsoleApp1.dll
ProductName: ConsoleApp1
ProductVersion: 1.0.0
Assembly Version: 1.0.0.0

Backdoor.MSIL.ReverseShell.i also known as:

Lionic	Trojan.Win32.Agent.Y!c
AVG	Win32:BackdoorX-gen [Trj]
Elastic	malicious (high confidence)
McAfee	RDN/Generic BackDoor
Malwarebytes	Backdoor.AsyncRAT
Zillya	Trojan.Evilnum.Win32.493
Sangfor	Backdoor.Msil.Reverseshell.V22s
K7AntiVirus	Trojan ( 0056dc2b1 )
Alibaba	Backdoor:MSIL/ReverseShell.9746c3db
K7GW	Trojan ( 0056dc2b1 )
CrowdStrike	win/malicious_confidence_100% (W)
Cyren	W32/MSIL_Troj.BGA.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Evilnum.B
Cynet	Malicious (score: 100)
Kaspersky	Backdoor.MSIL.ReverseShell.i
Avast	Win32:BackdoorX-gen [Trj]
Tencent	Malware.Win32.Gencirc.13bf923f
F-Secure	Trojan.TR/Redcap.fjecn
TrendMicro	TROJ_GEN.R002C0DD923
McAfee-GW-Edition	RDN/Generic BackDoor
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.Evilnum
Jiangmin	Backdoor.MSIL.gdqw
Webroot	W32.Trojan.Gen
Avira	TR/Redcap.fjecn
Antiy-AVL	Trojan/MSIL.Evilnum
ViRobot	Trojan.Win.Z.Evilnum.6656
ZoneAlarm	Backdoor.MSIL.ReverseShell.i
Microsoft	VirTool:MSIL/Mousewe.A!MTB
Google	Detected
AhnLab-V3	Trojan/Win.Mousewe.C5033755
Cylance	unsafe
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002C0DD923
Rising	Backdoor.Small!8.21B (CLOUD)
Yandex	Trojan.Evilnum!7xuM0ucuraE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Evilnum.B!tr
DeepInstinct	MALICIOUS

How to remove Backdoor.MSIL.ReverseShell.i?

Backdoor.MSIL.ReverseShell.i removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X