MonitoringTool:MSIL/BassemRat removal tips

MonitoringTool:MSIL/BassemRat is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the MonitoringTool:MSIL/BassemRat virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify MonitoringTool:MSIL/BassemRat?

File Info:

name: FDE4B4A95D96C2F6E81B.mlw
path: /opt/CAPEv2/storage/binaries/2e7ba2362283c11797edad1044e20352c880eb21f946e0527a222d342dcbce78
crc32: DF77D14F
md5: fde4b4a95d96c2f6e81b2fe63db29e32
sha1: fd926f3d8a9a3e39c41e1613dc404d11c9b2f329
sha256: 2e7ba2362283c11797edad1044e20352c880eb21f946e0527a222d342dcbce78
sha512: 30bf135b382d5444e838f090028aa1aa2b615c550e25a305ea435b086d4456354ab6bb6130c3deb54ddf5ab6c812b7d86b4b4dcd2234b15fec6985b986e3a8c0
ssdeep: 6144:Bth8i7owEAvE53vyZ9U1vvOVfaNar+XuhYTKdU/svyZ9U1hI:O2ivyZ9Q+UOpvyZ9Qa
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T126846B6732E06B45D47C17B504A12E8013F5F80EE712E36C3EA8699FE9B66C1C652BD3
sha3_384: ae412763ff002732adcb3855cfc2cd14091c3eae8bb38cdb86a9ddd413f34a666b80b977e3e22b7675154e9641692b84
ep_bytes: ff250020400000000000000000000000
timestamp: 2013-05-22 21:05:32

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Executable for Hearts Game
FileVersion: 6.1.7600.16385 (win7_rtm.090713-1255)
InternalName: hearts.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: hearts.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.1.7600.16385
OleSelfRegister:
Translation: 0x0409 0x04b0

MonitoringTool:MSIL/BassemRat also known as:

Lionic: Trojan.MSIL.SpyGate.m!c
Elastic: malicious (high confidence)
DrWeb: BackDoor.SpyBotNET.21
MicroWorld-eScan: Gen:Variant.MSILPerseus.147254
FireEye: Gen:Variant.MSILPerseus.147254
CAT-QuickHeal: Backdoor.MSIL
ALYac: Gen:Variant.MSILPerseus.147254
Cylance: Unsafe
Zillya: Backdoor.SpyGate.Win32.10628
Sangfor: Backdoor.MSIL.SpyGate.gen
K7AntiVirus: Trojan ( 700000121 )
Alibaba: Backdoor:MSIL/SpyGate.50092ef7
K7GW: Trojan ( 700000121 )
Cybereason: malicious.95d96c
BitDefenderTheta: Gen:NN.ZemsilF.34084.wq0@aG12WMai
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Agent.EI
TrendMicro-HouseCall: TROJ_GEN.R002C0OIU21
ClamAV: Win.Malware.Spygate-6855918-0
Kaspersky: HEUR:Backdoor.MSIL.SpyGate.gen
BitDefender: Gen:Variant.MSILPerseus.147254
NANO-Antivirus: Trojan.Win32.SpyGate.hlejzm
Avast: Win32:Trojan-gen
Tencent: Msil.Backdoor.Spygate.Eilg
Ad-Aware: Gen:Variant.MSILPerseus.147254
Emsisoft: Malware.Generic.CN1 (A)
Comodo: Malware@#271f710k24fl4
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0OIU21
McAfee-GW-Edition: PUP-XBZ-GH
Sophos: Mal/Generic-R + Mal/Agent-ASP
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.MSILPerseus.147254
Avira: HEUR/AGEN.1103688
MAX: malware (ai score=83)
Arcabit: Trojan.MSILPerseus.D23F36
Microsoft: MonitoringTool:MSIL/BassemRat
Cynet: Malicious (score: 99)
McAfee: PUP-XBZ-GH
VBA32: Trojan.MSIL.gen.c.2
Malwarebytes: Malware.AI.4153491082
APEX: Malicious
Yandex: Trojan.Agent!pbtazJdVwW8
Ikarus: Trojan.MSIL.Bladabindi
Fortinet: W32/SpyGate.EI!tr.bdr
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.10118638.susgen

How to remove MonitoringTool:MSIL/BassemRat?

MonitoringTool:MSIL/BassemRat removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.