Generic.MSIL.PasswordStealerA.DC791F64 malicious file

Generic.MSIL.PasswordStealerA.DC791F64 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.PasswordStealerA.DC791F64 virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • CAPE detected the MALWARE Win XFiles malware family
  • Binary compilation timestomping detected

How to identify Generic.MSIL.PasswordStealerA.DC791F64?

File Info:

name: 42C280BFE763F07CF1C3.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2085-11-27 12:18:53

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: gosgo
FileVersion: 1.0.0.0
InternalName: ReadLineS0SAT.exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: ReadLineS0SAT.exe
ProductName: sgsf
ProductVersion: 1.0.0.0
Assembly Version: 1.1.1.0

Generic.MSIL.PasswordStealerA.DC791F64 also known as:

Cynet: Malicious (score: 99)
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
BitDefender: Generic.MSIL.PasswordStealerA.DC791F64
Cybereason: malicious.fe763f
Cyren: W32/MSIL_Agent.COB.gen!Eldorado
ESET-NOD32: a variant of MSIL/Spy.Agent.AES
APEX: Malicious
ClamAV: Win.Packed.Passwordstealera-6872839-0
Kaspersky: HEUR:Trojan.Win32.Generic
MicroWorld-eScan: Generic.MSIL.PasswordStealerA.DC791F64
Rising: Stealer.Agent!1.D483 (CLASSIC)
Emsisoft: Generic.MSIL.PasswordStealerA.DC791F64 (B)
DrWeb: Trojan.PWS.StealerNET.74
FireEye: Generic.mg.42c280bfe763f07c
Ikarus: Trojan.MSIL.Spy
Avira: HEUR/AGEN.1145058
MAX: malware (ai score=88)
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Generic.MSIL.PasswordStealerA.DC791F64
AhnLab-V3: Trojan/Win.Generic.R457426
VBA32: Malware-Cryptor.MSIL.AgentTesla.Heur
ALYac: Generic.MSIL.PasswordStealerA.DC791F64
Malwarebytes: Spyware.PasswordStealer
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: MSIL/Agent.AES!tr.spy
BitDefenderTheta: Gen:NN.ZemsilF.34182.To0@a8jHObd

How to remove Generic.MSIL.PasswordStealerA.DC791F64?

Generic.MSIL.PasswordStealerA.DC791F64 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
