Generic.MSIL.PasswordStealerA.E47B85C4 removal

Generic.MSIL.PasswordStealerA.E47B85C4 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.PasswordStealerA.E47B85C4 virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • CAPE detected the BotSh1zoid malware family
  • Binary compilation timestomping detected

How to identify Generic.MSIL.PasswordStealerA.E47B85C4?


File Info:

name: F5A99CC12ACBABB92711.mlw
path: /opt/CAPEv2/storage/binaries/5cd685c103291892330f89f14488ee9e4c06f9dbb8a12b079a436eba08976937
crc32: 16B3A228
md5: f5a99cc12acbabb927110fafd499dc1c
sha1: 2ccdba1439a70e30dccc57332d745084128b2cd0
sha256: 5cd685c103291892330f89f14488ee9e4c06f9dbb8a12b079a436eba08976937
sha512: ad019e06ef4e2bca4af1a1dc82e21090a748fee375db287564a3306bb6ba6e6d28088269a5d809f0c452ae0e8e74f02373cfabf42f82a90aa71c40be1087ce34
ssdeep: 49152:WtMjfGZK7avSzz6GryktbQz4Uftdky4b5HIkvfql:GMKZK7aazzpryktI73
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16ED54A1437F81E23D1BE96B281B0515297F0FC29B363EBAB2581A7799C13F506D422B7
sha3_384: 7c5181694d64f94951cf0f319d8091e62ea2f0aa9f71aa961b9c75b22a9e811bc7f31a40785a77f7fa5d4c1efce52f33
ep_bytes: ff250020400000000000b71dc1046e3b
timestamp: 2061-07-15 03:43:54

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: gosgo
FileVersion: 1.0.0.0
InternalName: ReadLineS0SAT.exe
LegalCopyright: Copyright © 2020
LegalTrademarks:
OriginalFilename: ReadLineS0SAT.exe
ProductName: sgsf
ProductVersion: 1.0.0.0
Assembly Version: 1.1.1.0

Generic.MSIL.PasswordStealerA.E47B85C4 also known as:

DrWeb: Trojan.PWS.StealerNET.74
MicroWorld-eScan: DeepScan:Generic.MSIL.PasswordStealerA.E47B85C4
FireEye: Generic.mg.f5a99cc12acbabb9
ALYac: DeepScan:Generic.MSIL.PasswordStealerA.E47B85C4
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.2573569
K7AntiVirus: Spyware ( 004bf53c1 )
Alibaba: Trojan:MSIL/REDLINESTEALER.d681c9c8
K7GW: Spyware ( 004bf53c1 )
Cybereason: malicious.12acba
Arcabit: DeepScan:Generic.MSIL.PasswordStealerA.E47B85C4
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Spy.Agent.AES
Paloalto: generic.ml
ClamAV: Win.Packed.Passwordstealera-6872839-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: DeepScan:Generic.MSIL.PasswordStealerA.E47B85C4
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Generic.Edxh
Ad-Aware: DeepScan:Generic.MSIL.PasswordStealerA.E47B85C4
Emsisoft: DeepScan:Generic.MSIL.PasswordStealerA.E47B85C4 (B)
TrendMicro: Trojan.MSIL.REDLINESTEALER.SMTH
McAfee-GW-Edition: GenericRXQU-LU!F5A99CC12ACB
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Spy
Jiangmin: Trojan.MSIL.unas
eGambit: Trojan.Generic
Avira: TR/Spy.Agent.cpqhw
Antiy-AVL: Trojan/Generic.ASMalwS.34DB3F8
Microsoft: Trojan:MSIL/FormBook.CD!MTB
GData: DeepScan:Generic.MSIL.PasswordStealerA.E47B85C4
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.Generic.C4780202
McAfee: GenericRXQU-LU!F5A99CC12ACB
MAX: malware (ai score=100)
VBA32: Malware-Cryptor.MSIL.AgentTesla.Heur
Malwarebytes: Spyware.PasswordStealer
APEX: Malicious
Rising: Stealer.Agent!1.D483 (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: MSIL/Agent.AES!tr.spy
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Generic.MSIL.PasswordStealerA.E47B85C4?

Generic.MSIL.PasswordStealerA.E47B85C4 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.