Generic.MSIL.PasswordStealerA.EF5954AF removal instructions

Generic.MSIL.PasswordStealerA.EF5954AF is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.PasswordStealerA.EF5954AF virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the QuasarRAT malware family

How to identify Generic.MSIL.PasswordStealerA.EF5954AF?


File Info:

name: 98E643584B75EE48708E.mlw
path: /opt/CAPEv2/storage/binaries/834ab81d060c424692044b45763fd345f1a4174766b40786e13b831345e80706
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-07-19 23:14:23

Version Info:

Translation: 0x0000 0x04b0
FileDescription: install minecraft
FileVersion: 1.2.3.4
InternalName: minecraft
LegalCopyright:
OriginalFilename: minecraft
ProductVersion: 1.2.3.4
Assembly Version: 1.2.3.4
CompanyName: Mojang
ProductName: Minecraft installer
LegalTrademarks:

Generic.MSIL.PasswordStealerA.EF5954AF also known as:

Bkav: W32.AIDetectNet.01
Cynet: Malicious (score: 100)
FireEye: Generic.mg.98e643584b75ee48
McAfee: BackDoor-FDDQ!98E643584B75
VIPRE: Generic.MSIL.PasswordStealerA.EF5954AF
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
BitDefender: Generic.MSIL.PasswordStealerA.EF5954AF
K7GW: Trojan ( 00521dab1 )
K7AntiVirus: Trojan ( 00521dab1 )
Arcabit: Generic.MSIL.PasswordStealerA.EFD1742AF
Cyren: W32/MSIL_Mintluks.A.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: Windows.Trojan.Quasarrat
ESET-NOD32: a variant of MSIL/Spy.Agent.AES
APEX: Malicious
ClamAV: Win.Packed.Generic-9830106-0
Kaspersky: HEUR:Trojan.MSIL.Quasar.gen
MicroWorld-eScan: Generic.MSIL.PasswordStealerA.EF5954AF
Rising: Backdoor.xRAT!1.D01D (CLASSIC)
Ad-Aware: Generic.MSIL.PasswordStealerA.EF5954AF
Emsisoft: Generic.MSIL.PasswordStealerA.EF5954AF (B)
F-Secure: Heuristic.HEUR/AGEN.1235885
DrWeb: Trojan.DownLoader20.45581
TrendMicro: TSPY_TINCLEX.SM
McAfee-GW-Edition: BackDoor-FDDQ!98E643584B75
Trapmine: suspicious.low.ml.score
Sophos: ML/PE-A + ATK/Zaquar-D
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1235885
Antiy-AVL: Trojan/Generic.ASCommon.250
Microsoft: TrojanSpy:MSIL/Tinclex.A
GData: MSIL.Trojan-Spy.Keylogger.J
AhnLab-V3: Trojan/Win32.ADH.C78592
Acronis: suspicious
VBA32: Trojan.MSIL.Quasar.Heur
ALYac: Generic.MSIL.PasswordStealerA.EF5954AF
MAX: malware (ai score=87)
Malwarebytes: Bladabindi.Backdoor.Njrat.DDS
TrendMicro-HouseCall: TSPY_TINCLEX.SM
Ikarus: Trojan.MSIL.Spy
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Emotet.5C62!tr
BitDefenderTheta: Gen:NN.ZemsilF.34806.wm0@aCnUh6j
AVG: MSIL:Rat-B [Trj]
Cybereason: malicious.84b75e
Avast: MSIL:Rat-B [Trj]

How to remove Generic.MSIL.PasswordStealerA.EF5954AF?

Generic.MSIL.PasswordStealerA.EF5954AF removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
