Generic.MSIL.PasswordStealerA.D3CFB9E4 removal

Generic.MSIL.PasswordStealerA.D3CFB9E4 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.PasswordStealerA.D3CFB9E4 virus do?

  • Authenticode signature is invalid
  • CAPE detected the QuasarStealer malware family

How to identify Generic.MSIL.PasswordStealerA.D3CFB9E4?


File Info:

name: 3630B92AC5ED33DE5EB5.mlw
path: /opt/CAPEv2/storage/binaries/17473731182bcea4cee088d78f802ea947926a5cbc8708b4ba31d7585ee8b19f
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-06-05 15:59:49

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Microsoft
FileDescription: Microsoft
FileVersion: 2.2.23.2
InternalName: Microsoft
LegalCopyright: Microsoft
LegalTrademarks: Microsoft
OriginalFilename: Microsoft
ProductName: Microsoft
ProductVersion: 2.2.3.3
Assembly Version: 2.2.3.3

Generic.MSIL.PasswordStealerA.D3CFB9E4 also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Quasar.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.MsilFC.S15413537
Skyhigh: BehavesLike.Win32.Generic.hh
McAfee: PWS-FDEK!3630B92AC5ED
Malwarebytes: Generic.Trojan.MSIL.DDS
VIPRE: Generic.MSIL.PasswordStealerA.D3CFB9E4
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0056b6611 )
BitDefender: Generic.MSIL.PasswordStealerA.D3CFB9E4
K7GW: Trojan ( 0056b6611 )
Cybereason: malicious.a66c2c
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Spy.Keylogger.DQJ
APEX: Malicious
ClamAV: Win.Malware.Generic-9883082-0
Kaspersky: HEUR:Trojan.MSIL.Quasar.gen
Alibaba: Backdoor:Win32/Quasar.3b7
NANO-Antivirus: Trojan.Win32.Quasar.jxdocu
MicroWorld-eScan: Generic.MSIL.PasswordStealerA.D3CFB9E4
Avast: MSIL:Quasar-A [Rat]
Rising: Backdoor.Quasar!1.E5F1 (CLASSIC)
Emsisoft: Generic.MSIL.PasswordStealerA.D3CFB9E4 (B)
F-Secure: Heuristic.HEUR/AGEN.1305743
DrWeb: Trojan.MulDrop13.10660
Zillya: Trojan.Agent.Win32.3316564
TrendMicro: TSPY_TINCLEX.SM1
FireEye: Generic.mg.3630b92ac5ed33de
Sophos: Troj/Quasar-AF
Ikarus: Backdoor.Win32.Xiclog
GData: MSIL.Backdoor.Quasar.A
Jiangmin: Trojan.MSIL.oyqd
Webroot: W32.Email.Worm.Silly
Google: Detected
Avira: HEUR/AGEN.1305743
MAX: malware (ai score=100)
Antiy-AVL: Trojan/MSIL.Quasar
Kingsoft: MSIL.Trojan.Quasar.gen
Xcitium: Malware@#llp7r49lzur0
Arcabit: Generic.MSIL.PasswordStealerA.D3CFB9E4
SUPERAntiSpyware: Trojan.Agent/Gen-MSFake[All]
ZoneAlarm: HEUR:Trojan.MSIL.Quasar.gen
Microsoft: Backdoor:MSIL/Quasar!pz
Varist: W32/MSIL_Mintluks.A.gen!Eldorado
AhnLab-V3: Backdoor/Win32.QuasarRAT.R341693
VBA32: Trojan.MSIL.Quasar.Heur
ALYac: Generic.MSIL.PasswordStealerA.D3CFB9E4
TACHYON: Trojan/W32.DN-Agent.514048.K
Cylance: unsafe
Panda: Trj/CI.A
TrendMicro-HouseCall: TSPY_TINCLEX.SM1
Tencent: Trojan.Msil.Quasar.wa
Yandex: Trojan.Quasar!nyG/RBc9Iio
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.73405263.susgen
Fortinet: MSIL/Agent.BPH!tr
BitDefenderTheta: Gen:NN.ZemsilF.36680.Fm0@a0u7!Yi
AVG: MSIL:Quasar-A [Rat]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Generic.MSIL.PasswordStealerA.D3CFB9E4?

Generic.MSIL.PasswordStealerA.D3CFB9E4 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.