Backdoor.MSIL.SpyGate.xtj malicious file

Many security experts consider Backdoor.MSIL.SpyGate.xtj dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.MSIL.SpyGate.xtj virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Backdoor.MSIL.SpyGate.xtj?

File Info:

name: AC175BA93A2D1D824AD5.mlw
path: /opt/CAPEv2/storage/binaries/22ed43eaa9586733865262dd4ee95e40e391492408e5f020478c174c0faf7a88
crc32: 849179DF
md5: ac175ba93a2d1d824ad537d5a7627a3a
sha1: b983118ef49e543f0171cc8a0a5ae95fecba6e09
sha256: 22ed43eaa9586733865262dd4ee95e40e391492408e5f020478c174c0faf7a88
sha512: 6676280a1d5c54bf94dc616fe3f86ed22eabd14bcff9c9803cc70f7483530fa65e2ae76984edbb01315441beee7e70d1ba597d322f51346183c4c45c469b7999
ssdeep: 6144:9jtSbrtkQJDFivHjoMbBHjDxogmjFE3CWcVlMYn9Shub6cNl0GmdNUPn0iU:q/JDyHMMdHZ8jFEwb9wgbPj0GKNUPn1U
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15584F18B33888B51C66054B4C2DB317813F2B6CB6B33E5893F49EB9D1D51B526A06F8D
sha3_384: bea7c55c9e9199a9c507e0e4b2319b4980e2c536b6551661aa5c29445930f2ecbad9eb05ed6e2cb401c5b57ae3c255e8
ep_bytes: ff250020400000000000000000000000
timestamp: 2018-02-25 12:55:13

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Internet Low-Mic Utility Tool
FileVersion: 11.00.9600.17631 (winblue_r7.150111-1500)
InternalName: ielowutil.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: ielowutil.exe
ProductName: Internet Explorer
ProductVersion: 11.00.9600.17631
Translation: 0x0409 0x04b0

Backdoor.MSIL.SpyGate.xtj also known as:

Lionic: Trojan.Win32.Generic.4!c
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
CrowdStrike: win/malicious_confidence_90% (W)
K7GW: Trojan ( 00528c631 )
K7AntiVirus: Trojan ( 00528c631 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.SJV
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Backdoor.MSIL.SpyGate.xtj
NANO-Antivirus: Trojan.Win32.SpyGate.eyjgvd
Avast: Win32:Malware-gen
Rising: Trojan.Generic@ML.100 (RDML:X8maP8QCKzMYfuq1pFDKew)
DrWeb: Trojan.MulDrop6.40595
TrendMicro: TROJ_GEN.R007C0PHG21
McAfee-GW-Edition: RDN/Generic PWS.y
FireEye: Generic.mg.ac175ba93a2d1d82
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Avira: TR/Dropper.MSIL.Gen
MAX: malware (ai score=94)
Antiy-AVL: Trojan[Backdoor]/MSIL.SpyGate
Microsoft: Backdoor:MSIL/Bladabindi
Cynet: Malicious (score: 100)
Acronis: suspicious
McAfee: RDN/Generic PWS.y
TrendMicro-HouseCall: TROJ_GEN.R007C0PHG21
Tencent: Malware.Win32.Gencirc.114ceeba
Ikarus: Trojan.MSIL.Injector
eGambit: Unsafe.AI_Score_99%
Fortinet: PossibleThreat
BitDefenderTheta: Gen:NN.ZemsilF.34294.xq0@aOFgGqgi
AVG: Win32:Malware-gen
Cybereason: malicious.ef49e5
Panda: Trj/GdSda.A
MaxSecure: Trojan.Malware.300983.susgen

How to remove Backdoor.MSIL.SpyGate.xtj?

Backdoor.MSIL.SpyGate.xtj removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
