Generic.MSIL.PasswordStealerA.B7D60062 removal tips

Generic.MSIL.PasswordStealerA.B7D60062 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.PasswordStealerA.B7D60062 virus do?

  • Sample contains Overlay data
  • Authenticode signature is invalid
  • CAPE detected the QuasarStealer malware family
  • Binary file triggered YARA rule

How to identify Generic.MSIL.PasswordStealerA.B7D60062?


File Info:

name: 84E375C554BB8987D11C.mlw
path: /opt/CAPEv2/storage/binaries/ace61b73417eaa032b9c18a84a3728831e2f58b5781b8e6ce6584adef566e612
crc32: 27D0C7DD
md5: 84e375c554bb8987d11c5a52f25a3538
sha1: 592649c539a41ed6f5785781cd603f8790d96f80
sha256: ace61b73417eaa032b9c18a84a3728831e2f58b5781b8e6ce6584adef566e612
sha512: a1bfba6a1bcfef18a998e4a13c649c4709ccb5ecfec22230fe0a631b80c9581576d32515576c3c87ec740e2149b6184b6f06cefafd00c206cd711947494629c2
ssdeep: 49152:yvyI22SsaNYfdPBldt698dBcjHpWnSMjoGdTCTHHB72eh2NTN:yvf22SsaNYfdPBldt6+dBcjHpWnSKV
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T119E56B0537F85E32E16BD7B3E5B0501263F1F82AF363EB0B5181A77A5C93B5488426A7
sha3_384: f3399f2ab1579a202677061ec7ba1a41395e749f8eb8e6c6d93edac47081d68989e323136739f098488032f276025efd
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-03-12 16:16:39

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Microsoft Windows Publisher
FileDescription: Windows Session Manager
FileVersion: 10.0.22621.1
InternalName: Windows Session Manager
LegalCopyright: ©Microsoft Corporation. All rights reserved.
LegalTrademarks: Microsoft
OriginalFilename: Windows Session Manager
ProductName: Windows Session Manager
ProductVersion: 10.0.22621.1
Assembly Version: 10.0.22621.1

Generic.MSIL.PasswordStealerA.B7D60062 also known as:

Bkav: W32.AIDetectMalware.CS
Elastic: Windows.Generic.Threat
MicroWorld-eScan: Generic.MSIL.PasswordStealerA.B7D60062
CAT-QuickHeal: Trojan.Generic.TRFH927
Skyhigh: BehavesLike.Win32.Generic.wh
McAfee: GenericRXLX-DS!84E375C554BB
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Generic.MSIL.PasswordStealerA.B7D60062
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005b1c021 )
K7GW: Trojan ( 005b1c021 )
CrowdStrike: win/malicious_confidence_100% (D)
VirIT: Trojan.Win32.MSIL_Heur.B
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Agent.CLQ
APEX: Malicious
ClamAV: Win.Malware.Generic-9883083-0
Kaspersky: HEUR:Trojan.MSIL.Quasar.gen
BitDefender: Generic.MSIL.PasswordStealerA.B7D60062
Avast: MSIL:Quasar-A [Rat]
Sophos: Troj/Quasar-AF
Google: Detected
F-Secure: Heuristic.HEUR/AGEN.1305743
DrWeb: BackDoor.QuasarNET.3
FireEye: Generic.mg.84e375c554bb8987
Emsisoft: Generic.MSIL.PasswordStealerA.B7D60062 (B)
Ikarus: Trojan-Spy.Agent
Jiangmin: Trojan.MSIL.aogzw
Varist: W32/MSIL_Troj.BTX.gen!Eldorado
Avira: HEUR/AGEN.1305743
Antiy-AVL: Trojan/MSIL.Quasar
Kingsoft: malware.kb.c.996
Microsoft: Backdoor:MSIL/Quasar!atmn
Arcabit: Generic.MSIL.PasswordStealerA.B7D60062
ZoneAlarm: HEUR:Trojan.MSIL.Quasar.gen
GData: MSIL.Backdoor.Quasar.A
AhnLab-V3: Backdoor/Win32.QuasarRAT.R341693
BitDefenderTheta: Gen:NN.ZemsilF.36802.hp1@aCK3xWi
ALYac: Generic.MSIL.PasswordStealerA.B7D60062
MAX: malware (ai score=84)
VBA32: Trojan.MSIL.Quasar.Heur
Cylance: unsafe
Rising: Backdoor.Quasar!1.E5F1 (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.BPH!tr
AVG: MSIL:Quasar-A [Rat]
Cybereason: malicious.554bb8
DeepInstinct: MALICIOUS
alibabacloud: Backdoor:MSIL/Quasar.server

How to remove Generic.MSIL.PasswordStealerA.B7D60062?

Generic.MSIL.PasswordStealerA.B7D60062 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
