BScope.TrojanPSW.MSIL.DiscoStealer (file analysis)

BScope.TrojanPSW.MSIL.DiscoStealer is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the BScope.TrojanPSW.MSIL.DiscoStealer virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Executable file is packed/obfuscated with MPRESS
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify BScope.TrojanPSW.MSIL.DiscoStealer?


File Info:

name: 2C4758BF69D6029EE80B.mlw
path: /opt/CAPEv2/storage/binaries/6d8edd3c9128702aba1ffb2a8a19ffce1e4f4c213836e623e48f758d6f48ef70
crc32: C9B10A0F
md5: 2c4758bf69d6029ee80b35b192ebe6fa
sha1: c6931d2924d8b3c16b16e86c7f97b77dd3a6769f
sha256: 6d8edd3c9128702aba1ffb2a8a19ffce1e4f4c213836e623e48f758d6f48ef70
sha512: 7200504a209d01a80a7b03f8c99bb904037333efce9077adb324adabc6b8329d0bb13ba2f1d6849404188ee65f72b52affb372bf7a01abf0a2b204a5c127a6b5
ssdeep: 12288:IBqmXrNKnKJiojHeaJ+yjzWrmv4hSclsNfx:IBvhKKJHjNJumQhStj
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T108A42367D35F9FC0E2E60CF3A89E3F1BA0D61E6132A51165440EB6CE2231B1799E3752
sha3_384: d2a3f2c83a2909dc4eda3c94edb4f7968e61a232e86f78d7b03c94ca228e9cbf8e1addbf5ac416b31e283eea9a9cca73
ep_bytes: 60e80000000058055a0b00008b3003f0
timestamp: 2019-09-23 08:09:41

Version Info:

FileDescription:
FileVersion: 1.1.30.01
InternalName:
LegalCopyright:
OriginalFilename:
ProductName:
ProductVersion: 1.1.30.01
Translation: 0x0409 0x04b0

BScope.TrojanPSW.MSIL.DiscoStealer also known as:

Bkav: W32.AIDetectMalware
FireEye: Generic.mg.2c4758bf69d6029e
Cylance: unsafe
Cyren: W32/S-d84ece94!Eldorado
Zoner: Trojan.Win32.133812
APEX: Malicious
Paloalto: generic.ml
Sophos: Generic ML PUA (PUA)
McAfee-GW-Edition: BehavesLike.Win32.Generic.gc
Trapmine: malicious.moderate.ml.score
SentinelOne: Static AI – Suspicious PE
Jiangmin: TrojanDownloader.Taskun.g
Antiy-AVL: Trojan/Win32.Wacatac
Microsoft: Trojan:Win32/Zpevdo.A
Google: Detected
McAfee: Artemis!2C4758BF69D6
VBA32: BScope.TrojanPSW.MSIL.DiscoStealer
Malwarebytes: Malware.Heuristic.1003
Rising: Trojan.Zpevdo!8.F912 (CLOUD)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Agent.DFE0!tr
DeepInstinct: MALICIOUS

How to remove BScope.TrojanPSW.MSIL.DiscoStealer?

BScope.TrojanPSW.MSIL.DiscoStealer removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
