About “HackTool:Win32/Silentall!MTB” infection

HackTool:Win32/Silentall!MTB is classified as dangerous by many security vendors. When this infection is active, you may notice unwanted processes in Task Manager. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the HackTool:Win32/Silentall!MTB virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Turkish
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify HackTool:Win32/Silentall!MTB?

File Info:

name: 4EA4F717861A56CB7671.mlw
path: /opt/CAPEv2/storage/binaries/c6b28cdf40575c87250acb22e69dc6d8293d479d37690a634e098212764a009c
crc32: 5C999B43
md5: 4ea4f717861a56cb7671093aa74b01a4
sha1: cfc772c0d4f973c14a1b9e53bea3261e7305010e
sha256: c6b28cdf40575c87250acb22e69dc6d8293d479d37690a634e098212764a009c
sha512: 57faababce6280ba558a3bf66d174c644150cb0fd9b72135db4a18c4523af6dfae107dbe86f253cf1c47b8b0cd3df4f43d80c904295858e7d999eb33bdb61d5c
ssdeep: 6144:suIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLkpLc1kLqztS:H6Wq4aaE6KwyF5L0Y2D1PqLmMdA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18994AE696586418FD0282DB298BBBB37401056FC6EB0D991FD38735EE97175B2C3323A
sha3_384: e6772693230334197368cecfb6533b8e22a8f078c40409c55de4dcb2e0aae060f3cc131bab58acf52600ac0047597234
ep_bytes: 60be008049008dbe0090f6ff57eb0b90
timestamp: 2012-01-29 21:32:28

Version Info:

FileVersion: 11.0.6.70
Comments: ByBordo Professional Software
FileDescription: Adobe Reader XI Katılımsız Kurulumu
LegalCopyright: ByBordo Professional Software
CompanyName: ByBordo Professional Software
Translation: 0x041f 0x04b0

HackTool:Win32/Silentall!MTB also known as:

  • Bkav: W32.Common.0DA13AD3
  • Lionic: Trojan.Win32.Autoit.4!c
  • MicroWorld-eScan: Trojan.GenericKD.64058100
  • Skyhigh: BehavesLike.Win32.Spyware.gc
  • McAfee: RDN/Generic PUP.z
  • Malwarebytes: Malware.AI.3727307077
  • Zillya: Trojan.AutoIT.Win32.182478
  • Sangfor: Trojan.Win32.Agent.Vxo4
  • K7AntiVirus: Trojan ( 004b8bad1 )
  • K7GW: Trojan ( 004b8bad1 )
  • CrowdStrike: win/malicious_confidence_70% (D)
  • Arcabit: Trojan.Generic.D3D172F4
  • ESET-NOD32: Win32/Packed.Autoit.H suspicious
  • APEX: Malicious
  • Cynet: Malicious (score: 100)
  • BitDefender: Trojan.GenericKD.64058100
  • Avast: Win32:Malware-gen
  • Emsisoft: Trojan.GenericKD.64058100 (B)
  • VIPRE: Trojan.GenericKD.64058100
  • Sophos: Mal/Generic-R
  • Webroot: W32.Trojan.GenKD
  • Antiy-AVL: Trojan/Win32.Autoit
  • Xcitium: Malware@#1xih2sdiiwbou
  • Microsoft: HackTool:Win32/Silentall!MTB
  • GData: Trojan.GenericKD.64058100
  • VBA32: Trojan.Autoit.F
  • ALYac: Trojan.GenericKD.64058100
  • Cylance: unsafe
  • TrendMicro-HouseCall: TROJ_GEN.R002H09HD23
  • SentinelOne: Static AI – Malicious PE
  • MaxSecure: Trojan.Autoit.AZA
  • AVG: Win32:Malware-gen
  • Cybereason: malicious.0d4f97
  • DeepInstinct: MALICIOUS

How to remove HackTool:Win32/Silentall!MTB?

HackTool:Win32/Silentall!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.