Generic.MSIL.PasswordStealerA.C0D1659A removal

Many security experts consider Generic.MSIL.PasswordStealerA.C0D1659A dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.PasswordStealerA.C0D1659A virus do?

  • Authenticode signature is invalid
  • Binary file triggered YARA rule

How to identify Generic.MSIL.PasswordStealerA.C0D1659A?


File Info:

name: A8D203A6039B02FC6F27.mlw
path: /opt/CAPEv2/storage/binaries/b96bf3d74bb37645ee6ffd7f7b8639b53f0f8b6eb79ab01f661feb6a82174b29
crc32: 96D7A35C
md5: a8d203a6039b02fc6f27ee3b1c4f6d0b
sha1: 7aff1aa5ddf375e55b3f1df796a87ce3443acba9
sha256: b96bf3d74bb37645ee6ffd7f7b8639b53f0f8b6eb79ab01f661feb6a82174b29
sha512: 8b21761fe1e431a2e61b34f14448c71a4298d773d02e2fcb22b40efe12f36f2e9894bde4612e51ec8ef145903cdc422cbd9f7599f50b33d624e68a6d356a92e9
ssdeep: 49152:gvFt62XlaSFNWPjljiFa2RoUYIYWFIYTHHB72eh2NT/8WA:gv362XlaSFNWPjljiFXRoUYIYW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T112E53A3537FC5AB7E16A927280B0514A5BF0EC6EB263E73F11D172685CB2F40AC416A7
sha3_384: 4eef20dc6ef2e149ad04159bad6207f5ee4a3d3f5e1e8ade63abaa32074483ea53bae13b02a4db870046c00056074890
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-03-12 16:16:39

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: A exe that optimizes windows for you.
FileVersion: 4.3.0.1
InternalName: WinOptimizer
LegalCopyright: WinOptimizer 2023
LegalTrademarks:
OriginalFilename: WinOptimizer
ProductName: WindowsOptimizer
ProductVersion: 4.3.0.1
Assembly Version: 4.3.0.1

Generic.MSIL.PasswordStealerA.C0D1659A also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Quasar.4!c
Elastic: Windows.Generic.Threat
MicroWorld-eScan: Generic.MSIL.PasswordStealerA.C0D1659A
FireEye: Generic.mg.a8d203a6039b02fc
Skyhigh: GenericRXLX-DS!A8D203A6039B
McAfee: GenericRXLX-DS!A8D203A6039B
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005703f41 )
Alibaba: Backdoor:MSIL/Quasar.e3b5bc17
K7GW: Trojan ( 005703f41 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: Gen:NN.ZemsilF.36802.fp0@aunlzM
VirIT: Trojan.Win32.MSIL_Heur.B
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Agent.CLQ
APEX: Malicious
TrendMicro-HouseCall: Backdoor.Win32.QUASARRAT.YXEBQZ
ClamAV: Win.Trojan.Generic-9838991-0
Kaspersky: HEUR:Trojan.MSIL.Quasar.gen
BitDefender: Generic.MSIL.PasswordStealerA.C0D1659A
Avast: MSIL:Quasar-A [Rat]
Rising: Backdoor.Quasar!1.E5F1 (CLASSIC)
Emsisoft: Generic.MSIL.PasswordStealerA.C0D1659A (B)
F-Secure: Heuristic.HEUR/AGEN.1365341
DrWeb: BackDoor.QuasarNET.3
VIPRE: Generic.MSIL.PasswordStealerA.C0D1659A
TrendMicro: Backdoor.Win32.QUASARRAT.YXEBQZ
Sophos: Troj/Quasar-AF
Ikarus: Backdoor.QuasarRat
Jiangmin: Trojan.MSIL.aogzw
Google: Detected
Avira: HEUR/AGEN.1365341
Varist: W32/MSIL_Kryptik.DOD.gen!Eldorado
Antiy-AVL: Trojan/MSIL.Quasar
Microsoft: Backdoor:MSIL/Quasar!atmn
Arcabit: Generic.MSIL.PasswordStealerA.C0D1659A
ViRobot: Trojan.Win.Z.Quasar.3228672
ZoneAlarm: HEUR:Trojan.MSIL.Quasar.gen
GData: MSIL.Backdoor.Quasar.A
AhnLab-V3: Backdoor/Win32.QuasarRAT.R341693
ALYac: Generic.MSIL.PasswordStealerA.C0D1659A
MAX: malware (ai score=83)
VBA32: Trojan.MSIL.InfoStealer.gen.B
Malwarebytes: Backdoor.Quasar
Panda: Trj/CI.A
Tencent: Msil.Trojan.Quasar.Hplw
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.BPH!tr
AVG: MSIL:Quasar-A [Rat]
Cybereason: malicious.6039b0
DeepInstinct: MALICIOUS
alibabacloud: Backdoor:MSIL/Quasar.server

How to remove Generic.MSIL.PasswordStealerA.C0D1659A?

Generic.MSIL.PasswordStealerA.C0D1659A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
