Generic.MSIL.PasswordStealerA.41206ADA malicious file

Generic.MSIL.PasswordStealerA.41206ADA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.PasswordStealerA.41206ADA virus do?

  • Authenticode signature is invalid
  • CAPE detected the QuasarStealer malware family
  • Binary file triggered YARA rule

How to identify Generic.MSIL.PasswordStealerA.41206ADA?


File Info:

name: DF415A94B93536E36060.mlw
path: /opt/CAPEv2/storage/binaries/359367716a543f967e551c97ec94a6bf4c1e7e08cf5c6c0b91aa4e046d44f4d1
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-03-12 16:16:39

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Winboot
FileDescription:
FileVersion: 1.0.0.1
InternalName: booting
LegalCopyright: Copyright 1.0
LegalTrademarks:
OriginalFilename: booting
ProductName: Microsoft Software
ProductVersion: 1.0.0.1
Assembly Version: 1.0.0.1

Generic.MSIL.PasswordStealerA.41206ADA also known as:

Bkav: W32.AIDetectMalware.CS
MicroWorld-eScan: Generic.MSIL.PasswordStealerA.41206ADA
FireEye: Generic.mg.df415a94b93536e3
CAT-QuickHeal: Trojan.Generic.TRFH927
Skyhigh: BehavesLike.Win32.Generic.wh
McAfee: GenericRXMC-UD!DF415A94B935
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Generic.MSIL.PasswordStealerA.41206ADA
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005b1c021 )
Alibaba: Backdoor:MSIL/Quasar.29ca32a4
K7GW: Trojan ( 005b1c021 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZemsilF.36802.hp0@aSkWtGj
VirIT: Trojan.Win32.MSIL_Heur.B
Symantec: ML.Attribute.HighConfidence
Elastic: Windows.Generic.Threat
ESET-NOD32: a variant of MSIL/Agent.CLQ
APEX: Malicious
TrendMicro-HouseCall: Backdoor.Win32.QUASARRAT.YXEBGZ
Avast: MSIL:Quasar-A [Rat]
ClamAV: Win.Malware.Generic-9883083-0
Kaspersky: HEUR:Trojan.MSIL.Quasar.gen
BitDefender: Generic.MSIL.PasswordStealerA.41206ADA
NANO-Antivirus: Trojan.Win32.Quasar.kisfpp
Rising: Backdoor.Quasar!1.E5F1 (CLASSIC)
Emsisoft: Generic.MSIL.PasswordStealerA.41206ADA (B)
F-Secure: Heuristic.HEUR/AGEN.1365341
DrWeb: BackDoor.QuasarNET.3
Zillya: Trojan.Agent.Win32.3854047
TrendMicro: Backdoor.Win32.QUASARRAT.YXEBGZ
Sophos: Troj/Quasar-AF
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=85)
GData: MSIL.Backdoor.Quasar.A
Jiangmin: Trojan.MSIL.aogzw
Google: Detected
Avira: HEUR/AGEN.1365341
Varist: W32/MSIL_Troj.BTX.gen!Eldorado
Antiy-AVL: Trojan/MSIL.Quasar
Kingsoft: MSIL.Trojan.Quasar.gen
Arcabit: Generic.MSIL.PasswordStealerA.DA0F6ADA
ViRobot: Trojan.Win.Z.Quasar.3266048.CJX
ZoneAlarm: HEUR:Trojan.MSIL.Quasar.gen
Microsoft: Backdoor:MSIL/Quasar!atmn
AhnLab-V3: Backdoor/Win32.QuasarRAT.R341693
ALYac: Generic.MSIL.PasswordStealerA.41206ADA
VBA32: Trojan.MSIL.Quasar.Heur
Cylance: unsafe
Panda: Trj/CI.A
Tencent: Msil.Trojan.Quasar.Ddhl
Ikarus: Trojan-Spy.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.BPH!tr
AVG: MSIL:Quasar-A [Rat]
DeepInstinct: MALICIOUS
alibabacloud: Backdoor:MSIL/Quasar.server

How to remove Generic.MSIL.PasswordStealerA.41206ADA?

Generic.MSIL.PasswordStealerA.41206ADA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
