Malware

MSIL/Asbit.R malicious file

Malware Removal

The MSIL/Asbit.R is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What MSIL/Asbit.R virus can do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine MSIL/Asbit.R?



File Info:

name: 20C71CB0D96A3E16C0BB.mlw
path: /opt/CAPEv2/storage/binaries/cde22d2d1651cdbe2c2216ecabb8315ac238aae7d8390b1779eddea4f891625e
crc32: F583C69E
md5: 20c71cb0d96a3e16c0bb1ee8ef7972f2
sha1: 6d0b819f4b6789331cae4191767e7899fa132784
sha256: cde22d2d1651cdbe2c2216ecabb8315ac238aae7d8390b1779eddea4f891625e
sha512: 46bd27033098f69fd685101ec4236da6dc8eed01a6c2c0c4de5c7acbb0063292179739dcf472aa8c512538721abc62cfd75dee3689b3bb7c145d5dd7d2ed11c2
ssdeep: 96:F/wV1aj6gEPH3tldNxgApZxk1sJt4lTisvynhW2:F/8aj69dldN9prIVGsanR
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T1B4D10B25A7DCC639E9EF4FB4ADD5239207F4DBA1A8524B5D1C84410D8D02A60CDB3FB5
sha3_384: 26fccb18b331da36a72ac7c16dbfd1c6633f842c4ce307972ba3f52d8188594fea0d9b0fe0bfdc25f577ac769da4cc49
ep_bytes: ff250020001000000000000000000000
timestamp: 2049-05-10 06:31:34


Version Info:

Translation: 0x0000 0x04b0
Comments: dXNpbmcgU3lzdGVtLlJlZmxlY3Rpb247CnB1YmxpYyBjbGFzcyBQcm9ncmFtIHsKICAgIHB1YmxpYyBQcm9ncmFtKHN0cmluZyBzLCBwYXJhbXMgb2JqZWN0W10gYXJncyl7CiAgICAgICAgQXNzZW1ibHkuTG9hZChuZXcgU3lzdGVtLk5ldC5XZWJDbGllbnQoKS5Eb3dubG9hZERhdGEocykpLkNyZWF0ZUluc3RhbmNlKCJQcm9ncmFtIiwgdHJ1ZSwgQmluZGluZ0ZsYWdzLkNyZWF0ZUluc3RhbmNlLCBudWxsLCBhcmdzLCBudWxsLCBudWxsKTsKICAgIH0KfQ==
FileDescription: aHR0cHM6Ly9yZGxpdGUuY29tLw==
FileVersion: 1.0.0.0
InternalName: System.dll
LegalCopyright:  
OriginalFilename: System.dll
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Asbit.R also known as:

BkavW32.AIDetectMalware.CS
LionicTrojan.Win32.Asbit.a!c
Elasticmalicious (high confidence)
CAT-QuickHealPUA.MFC.S28621403
SkyhighBehavesLike.Win32.Generic.xt
MalwarebytesGeneric.Malware.AI.DDS
ZillyaTrojan.Asbit.Win32.162
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 00597da81 )
AlibabaTrojanDownloader:MSIL/Asbit.b3ed9ea2
K7GWTrojan ( 00597da81 )
CrowdStrikewin/malicious_confidence_100% (W)
SymantecTrojan.Gen.MBT
ESET-NOD32a variant of MSIL/Asbit.R
CynetMalicious (score: 100)
APEXMalicious
ClamAVWin.Packed.Cerbu-9965437-0
KasperskyHEUR:Trojan-Downloader.MSIL.Agent.gen
SUPERAntiSpywareTrojan.Agent/Gen-Downloader
AvastWin32:TrojanX-gen [Trj]
TencentTrojan.Win32.Asbit.yd
F-SecureTrojan.TR/Dropper.MSIL.Gen
DrWebTrojan.DownLoaderNET.465
TrendMicroTROJ_GEN.R002C0PAA24
SophosTroj/DwnLd-AEP
SentinelOneStatic AI – Malicious PE
JiangminTrojanDownloader.MSIL.ancb
VaristW32/MSIL_Tiny.AG.gen!Eldorado
AviraTR/Dropper.MSIL.Gen
Antiy-AVLGrayWare/MSIL.Regasm.a
MicrosoftTrojan:Win32/Wacatac.B!ml
ViRobotTrojan.Win32.Z.Cerbu.6656.ABVM
ZoneAlarmHEUR:Trojan-Downloader.MSIL.Agent.gen
GoogleDetected
AhnLab-V3Trojan/Win.TrojanX-gen.R512047
Acronissuspicious
McAfeeGenericRXUB-IG!20C71CB0D96A
VBA32Trojan.MSIL.RdLoader.Heur
Cylanceunsafe
PandaTrj/GdSda.A
TrendMicro-HouseCallTROJ_GEN.R002C0PAA24
RisingBackdoor.FastDesktop!1.E02A (CLASSIC)
IkarusTrojan.MSIL.Asbit
MaxSecureTrojan.Malware.187020364.susgen
FortinetMSIL/Tedy.1448!tr
AVGWin32:TrojanX-gen [Trj]
DeepInstinctMALICIOUS

How to remove MSIL/Asbit.R?

MSIL/Asbit.R removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Malware

MSIL/Asbit.R removal tips

Malware Removal

The MSIL/Asbit.R is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What MSIL/Asbit.R virus can do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine MSIL/Asbit.R?



File Info:

name: 668318E2A80A9F94E783.mlw
path: /opt/CAPEv2/storage/binaries/c05bc22006f7e3c7b47b39eb2e3e9c692e25a0ee643872d7d6b034b7f5dbe687
crc32: BB252555
md5: 668318e2a80a9f94e7832edb65350c1c
sha1: 3c4bc39b5d906d2b146cc13cd86e6b4274b4e191
sha256: c05bc22006f7e3c7b47b39eb2e3e9c692e25a0ee643872d7d6b034b7f5dbe687
sha512: 3ea70e94b19e1987dd05f6646e17ea96edb39f03148ab6c85de1028b760373ab5c1d477309c748634eec4cc12b004b4bb4fead2b860bdb74352a20e4e444eb80
ssdeep: 96:J/Hy7cPcswOaj6g0PG3tldNxQApZxk1YJt4lTisvynhW2:J/SKnaj6d+ldNpprI5GsanR
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T130D1FA29E6DC4239D9EE4FB4ACD1534207B4E7A2B9139F5D1C84410D9D05660CEB3FB9
sha3_384: b7cb5555fcb2c94c6b8421ae83be18e52704344d2dd33d9cf680d18653cfb8c1e133fae53f49569ccd0b992e1c966f79
ep_bytes: ff250020001000000000000000000000
timestamp: 2049-05-10 06:31:34


Version Info:

Translation: 0x0000 0x04b0
Comments: dXNpbmcgU3lzdGVtLlJlZmxlY3Rpb247CnB1YmxpYyBjbGFzcyBQcm9ncmFtIHsKICAgIHB1YmxpYyBQcm9ncmFtKHN0cmluZyBzLCBwYXJhbXMgb2JqZWN0W10gYXJncyl7CiAgICAgICAgQXNzZW1ibHkuTG9hZChuZXcgU3lzdGVtLk5ldC5XZWJDbGllbnQoKS5Eb3dubG9hZERhdGEocykpLkNyZWF0ZUluc3RhbmNlKCJQcm9ncmFtIiwgdHJ1ZSwgQmluZGluZ0ZsYWdzLkNyZWF0ZUluc3RhbmNlLCBudWxsLCBhcmdzLCBudWxsLCBudWxsKTsKICAgIH0KfQ==
FileDescription: aHR0cHM6Ly9yZGxpdGUuY29tLw==
FileVersion: 1.0.0.0
InternalName: System.dll
LegalCopyright:  
OriginalFilename: System.dll
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Asbit.R also known as:

BkavW32.AIDetectMalware.CS
LionicTrojan.Win32.Asbit.a!c
Elasticmalicious (high confidence)
CAT-QuickHealPUA.MFC.S28621403
SkyhighBehavesLike.Win32.Generic.xt
McAfeeGenericRXUB-IG!668318E2A80A
Cylanceunsafe
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_100% (W)
AlibabaTrojanDownloader:MSIL/Asbit.5594fe1d
K7GWTrojan ( 00597da81 )
K7AntiVirusTrojan ( 00597da81 )
SymantecTrojan.Gen.MBT
ESET-NOD32a variant of MSIL/Asbit.R
CynetMalicious (score: 100)
APEXMalicious
ClamAVWin.Packed.Cerbu-9965437-0
KasperskyHEUR:Trojan-Downloader.MSIL.Agent.gen
NANO-AntivirusTrojan.Win32.Asbit.jrzuvv
SUPERAntiSpywareTrojan.Agent/Gen-Downloader
AvastWin32:TrojanX-gen [Trj]
TencentTrojan.Win32.Asbit.yd
F-SecureTrojan.TR/Dropper.MSIL.Gen
DrWebTrojan.DownLoaderNET.465
TrendMicroTROJ_GEN.R002C0PAA24
SophosTroj/DwnLd-AEP
IkarusTrojan.MSIL.Asbit
JiangminTrojanDownloader.MSIL.ancb
VaristW32/MSIL_Tiny.AG.gen!Eldorado
AviraTR/Dropper.MSIL.Gen
Antiy-AVLGrayWare/MSIL.Regasm.a
KingsoftMSIL.Trojan-Downloader.Agent.gen
MicrosoftTrojan:Win32/Wacatac.B!ml
ViRobotTrojan.Win32.Z.Cerbu.6656.SPE
ZoneAlarmHEUR:Trojan-Downloader.MSIL.Agent.gen
GoogleDetected
AhnLab-V3Trojan/Win.TrojanX-gen.R512047
Acronissuspicious
TACHYONTrojan-Downloader/W32.DN-Agent.6656.ED
VBA32Trojan.MSIL.RdLoader.Heur
MalwarebytesGeneric.Malware.AI.DDS
PandaTrj/GdSda.A
TrendMicro-HouseCallTROJ_GEN.R002C0PAA24
RisingBackdoor.FastDesktop!1.E02A (CLASSIC)
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.187020364.susgen
FortinetMSIL/Tedy.1448!tr
AVGWin32:TrojanX-gen [Trj]
DeepInstinctMALICIOUS

How to remove MSIL/Asbit.R?

MSIL/Asbit.R removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment