Generic.MSIL.PasswordStealerA.93FA08D5 removal

Generic.MSIL.PasswordStealerA.93FA08D5 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.PasswordStealerA.93FA08D5 virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the OrcusRAT malware family
  • Binary file triggered YARA rule

How to identify Generic.MSIL.PasswordStealerA.93FA08D5?


File Info:

name: 17EAC284C608FEF02286.mlw
path: /opt/CAPEv2/storage/binaries/5c4a1138f02f2945d7290edc3ef3203f3785040f02eceea578bd41933baccffe
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-08-01 22:16:55

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription:
FileVersion: 1.0.0.0
InternalName: Orcus.exe
LegalCopyright:
LegalTrademarks:
OriginalFilename: Orcus.exe
ProductName:
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Generic.MSIL.PasswordStealerA.93FA08D5 also known as:

Bkav: W32.AIDetectMalware.CS
DrWeb: Trojan.DownLoader24.57377
MicroWorld-eScan: Generic.MSIL.PasswordStealerA.93FA08D5
FireEye: Generic.mg.17eac284c608fef0
CAT-QuickHeal: Trojan.MsilFC.S6059605
Skyhigh: BehavesLike.Win32.Generic.dc
McAfee: BackDoor-FDJE!17EAC284C608
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Generic.MSIL.PasswordStealerA.93FA08D5
Sangfor: Virus.Win32.Save.a
K7AntiVirus: Trojan ( 005011a81 )
Alibaba: Backdoor:MSIL/Orcus.18652366
K7GW: Trojan ( 005011a81 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZemsilF.36802.5m0@a8r!f3j
VirIT: Backdoor.Win32.Orcus.A
Symantec: Trojan.Sorcurat
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Orcusrat.D
APEX: Malicious
TrendMicro-HouseCall: BKDR_ORCUSRAT.SM
ClamAV: Win.Packed.Passwordstealera-9752380-0
Kaspersky: HEUR:Trojan-Spy.MSIL.Generic
BitDefender: Generic.MSIL.PasswordStealerA.93FA08D5
SUPERAntiSpyware: Trojan.Agent/Gen-Injector
Avast: Win32:CrypterX-gen [Trj]
Tencent: Backdoor.MSIL.Orcusrat.ha
Emsisoft: Backdoor.Orcus (A)
F-Secure: Heuristic.HEUR/AGEN.1365687
Zillya: Trojan.Agent.Win32.839047
TrendMicro: BKDR_ORCUSRAT.SM
Sophos: Troj/OrcusRAT-A
SentinelOne: Static AI – Malicious PE
MAX: malware (ai score=84)
Jiangmin: TrojanSpy.MSIL.sam
Webroot: W32.Malware.gen
Google: Detected
Avira: HEUR/AGEN.1365687
Varist: W32/Orcus.A.gen!Eldorado
Antiy-AVL: Trojan/Win32.AGeneric
Microsoft: Backdoor:MSIL/Orcus!pz
Arcabit: Generic.MSIL.PasswordStealerA.93FA08D5
ZoneAlarm: HEUR:Trojan-Spy.MSIL.Generic
GData: MSIL.Backdoor.Orcus.A
AhnLab-V3: Win-Trojan/OrcusRAT.Exp
VBA32: Trojan.MSIL.InfoStealer.gen
ALYac: Generic.MSIL.PasswordStealerA.93FA08D5
TACHYON: Trojan-Spy/W32.DN-Agent.936448.H
Cylance: unsafe
Panda: Trj/CI.A
Zoner: Trojan.Win32.138318
Rising: Backdoor.Orcus!1.BABC (CLASSIC)
Yandex: Trojan.Agent!g+uqncrmD0Q
Ikarus: Backdoor.OrcusRat
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.ASJ!tr
AVG: Win32:CrypterX-gen [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Backdoor:MSIL/Orcus.rguvg

How to remove Generic.MSIL.PasswordStealerA.93FA08D5?

Generic.MSIL.PasswordStealerA.93FA08D5 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
