Generic.MSIL.PasswordStealerA.E37C2C31 (file analysis)

Generic.MSIL.PasswordStealerA.E37C2C31 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.PasswordStealerA.E37C2C31 virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the QuasarRAT malware family
  • Binary file triggered YARA rule

How to identify Generic.MSIL.PasswordStealerA.E37C2C31?


File Info:

name: 8BEC5E4A561A37109FD5.mlw
path: /opt/CAPEv2/storage/binaries/20472a92adf4cf410e91f3980433dd557bfe02b0cb7f5d699ad8473951e947b7
crc32: 8A9ADFC1
md5: 8bec5e4a561a37109fd5b7074afb3bfa
sha1: b0c5aaf0158439a7a063a58d8d12a156ac29f973
sha256: 20472a92adf4cf410e91f3980433dd557bfe02b0cb7f5d699ad8473951e947b7
sha512: d6ee686540a87f5178226a3ac186a21151f678d86a979db447f7ee72ae3815a4cd2342837ecc123dd5d02fe1c078f1e7012c22913512c5bc7019a84341fd391e
ssdeep: 6144:g+NHXf500MmhYcStImw4JcbgOdp2/JTCj2YEE:nd50OYc0/FMs/lC6Yt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10C8449A277E4952FD5FE03BAA632061147F0D9C2BB06EBCB995A45B93E133C14D413A3
sha3_384: cc84c76f878da4fc2b5451c8ce6f9af6aaae077541ffb72c18f6e5d42f3df480d96cd6dfac6d827113e06d5b4b477a26
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-12-25 16:28:39

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription:
FileVersion: 1.3.0.0
InternalName: Client.exe
LegalCopyright:
LegalTrademarks:
OriginalFilename: Client.exe
ProductName:
ProductVersion: 1.3.0.0
Assembly Version: 1.3.0.0

Generic.MSIL.PasswordStealerA.E37C2C31 also known as:

Bkav: W32.AIDetectMalware.CS
Elastic: Windows.Trojan.Quasarrat
ClamAV: Win.Packed.Generic-9829635-0
Skyhigh: PWS-FCOI!8BEC5E4A561A
McAfee: PWS-FCOI!8BEC5E4A561A
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00521dab1 )
BitDefender: Generic.MSIL.PasswordStealerA.E37C2C31
K7GW: Trojan ( 00521dab1 )
CrowdStrike: win/malicious_confidence_100% (W)
Arcabit: Generic.MSIL.PasswordStealerA.E37C2C31
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Spy.Agent.AES
APEX: Malicious
Avast: MSIL:Rat-B [Trj]
Kaspersky: Trojan.MSIL.Agent.foww
Alibaba: Backdoor:MSIL/QuasarRAT.5a741614
NANO-Antivirus: Trojan.Win32.FCOI.kgxjev
ViRobot: Trojan.Win.Z.Agent.393216.OMU
MicroWorld-eScan: Generic.MSIL.PasswordStealerA.E37C2C31
Rising: Backdoor.xRAT!1.D01D (CLASSIC)
Sophos: ATK/Zaquar-D
F-Secure: Trojan:w32/QuasarRAT.A1
DrWeb: Trojan.DownLoader27.59888
VIPRE: Generic.MSIL.PasswordStealerA.E37C2C31
TrendMicro: TSPY_TINCLEX.SM1
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.8bec5e4a561a3710
Emsisoft: Generic.MSIL.PasswordStealerA.E37C2C31 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.ajfvk
Varist: W32/MSIL_Mintluks.A.gen!Eldorado
Avira: HEUR/AGEN.1307329
MAX: malware (ai score=87)
Antiy-AVL: Trojan/MSIL.Agent
Kingsoft: malware.kb.c.1000
Microsoft: Backdoor:Win32/QuasarRAT
ZoneAlarm: Trojan.MSIL.Agent.foww
GData: MSIL.Backdoor.Quasar.D
Google: Detected
AhnLab-V3: Trojan/Win32.Subti.R285137
ALYac: Generic.MSIL.PasswordStealerA.E37C2C31
VBA32: Trojan.MSIL.Quasar.Heur
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/CI.A
TrendMicro-HouseCall: TSPY_TINCLEX.SM1
Tencent: Trojan.Msil.Agent.zc
Ikarus: Backdoor.QuasarRat
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Emotet.5C62!tr
BitDefenderTheta: Gen:NN.ZemsilF.36802.ym0@aa8qijj
AVG: MSIL:Rat-B [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Backdoor:MSIL/Quasar.server

How to remove Generic.MSIL.PasswordStealerA.E37C2C31?

Generic.MSIL.PasswordStealerA.E37C2C31 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
