Marsilia.60690 (file analysis)

The Marsilia.60690 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Marsilia.60690 virus can do?

The binary likely contains encrypted or compressed data.
.NET file is packed/obfuscated with SmartAssembly
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Marsilia.60690?


File Info:
name: B95D41549BB951083060.mlw
path: /opt/CAPEv2/storage/binaries/9092950d63bcc81b44c1158891d9dd6c3cbb28a1093e074b36c6c2064603e1db
crc32: 663BF1DF
md5: b95d41549bb951083060a9f122028ba0
sha1: a4f2311530bc0870025df031d78a38d6019e5239
sha256: 9092950d63bcc81b44c1158891d9dd6c3cbb28a1093e074b36c6c2064603e1db
sha512: 5a4252d87d6dc50eb784ea15ad76bc97d0aa7e34109b7a53a7e984bf88adc80f9de7432a43dbabcccd0373edbef863afddfc5b7e46d8610ea347fba11c8abf02
ssdeep: 49152:REIUpbEfTj7ALG7yRVcjbSlIR4wUli7FXNlgK/U8d48yVEFQajc4MBr8rTQOH9t7:xUpYfv7yROjelg3xdnfyPkc4eykuLGW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18AF533690EBE0981DF9AF5BCD0A798D047D2A3362086F06F5C06483405EDF9CAD76E5B
sha3_384: 2a5b1bccb169af911fad5acdf71eb7775b7b498038db5447fd701afab4a3e81fc5f5fd19f0b586672edd28bad6a88013
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-09-09 10:37:34

Version Info:
0: [No Data]

Marsilia.60690 also known as:

MicroWorld-eScan	Gen:Variant.Marsilia.60690
ALYac	Gen:Variant.Marsilia.60690
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.530bc0
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/GenKryptik.GKQD
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	HEUR:Trojan-Banker.MSIL.ClipBanker.gen
BitDefender	Gen:Variant.Marsilia.60690
Emsisoft	Gen:Variant.Marsilia.60690 (B)
F-Secure	Trojan.TR/Dropper.MSIL.Gen
VIPRE	Gen:Variant.Marsilia.60690
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.b95d41549bb95108
Sophos	ML/PE-A
Ikarus	Trojan.MSIL.CoinMiner
GData	Gen:Variant.Marsilia.60690
Avira	TR/Dropper.MSIL.Gen
Arcabit	Trojan.Marsilia.DED12
ZoneAlarm	HEUR:Trojan-Banker.MSIL.ClipBanker.gen
Microsoft	Program:Win32/Wacapew.C!ml
Google	Detected
AhnLab-V3	Trojan/Win.VZ.C5438006
MAX	malware (ai score=89)
Cylance	unsafe
Rising	Malware.Obfus/MSIL@AI.92 (RDM.MSIL2:RrZuyP0IeeVJ9+P/7EGu8g)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
BitDefenderTheta	Gen:NN.ZemsilF.36722.xp0@a0laOBi
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove Marsilia.60690?

Marsilia.60690 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X