How to remove “MSIL/ClipBanker.ACA”?

MSIL/ClipBanker.ACA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the MSIL/ClipBanker.ACA virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine MSIL/ClipBanker.ACA?


File Info:

name: 5FF42FAD2056542E3DA5.mlw
path: /opt/CAPEv2/storage/binaries/aafc542e4f53578467e7f2693e8328d88f984f88768b372e7174a73117b8fc8c
crc32: 209C24F7
md5: 5ff42fad2056542e3da56cdab42d8e79
sha1: cf75eeddf789812659377a697bd70bc3b17af3c5
sha256: aafc542e4f53578467e7f2693e8328d88f984f88768b372e7174a73117b8fc8c
sha512: 303dbdcdbc29a30decaaaabc21f6f7fb2059c86fb70c194852fb5779131c199f47d71206e17d1f724628cb53b805f96a35f559bfe9e450248f1744ae79e78940
ssdeep: 6144:h3jaifwNAGVJXvgF4Eb6PtxZ9TSzCXDsEIzFa:NY6GHIfb6Vj9uCQEI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D2840A3BBB568A15C3801B30C5D7993483B06E527663FB5EB56832D618733F9DA062CB
sha3_384: dae6e6e95e95b6b1a8f2b85deea6ad7cb683469f9ef5312729eb8b339a9961dd910ef2f01e7391de6d292aaa986908d5
ep_bytes: ff250020400000000000000000000000
timestamp: 2090-09-03 01:53:42

Version Info:

CompanyName: Microsoft Corporation
FileDescription: UserAccountControlSettings
FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
InternalName: UserAccountControlSettings
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: UserAccountControlSettings.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1
Translation: 0x0409 0x04b0

MSIL/ClipBanker.ACA also known as:

Bkav: W32.AIDetectNet.01
MicroWorld-eScan: Gen:Variant.Lazy.219829
FireEye: Generic.mg.5ff42fad2056542e
ALYac: Gen:Variant.Lazy.219829
VIPRE: Gen:Variant.Lazy.219829
Cyren: W32/MSIL_Kryptik.HSX.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/ClipBanker.ACA
APEX: Malicious
BitDefender: Gen:Variant.Lazy.219829
Avast: Win32:TrojanX-gen [Trj]
Ad-Aware: Gen:Variant.Lazy.219829
Sophos: Generic ML PUA (PUA)
Emsisoft: Gen:Variant.Lazy.219829 (B)
GData: Gen:Variant.Lazy.219829
MAX: malware (ai score=85)
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C5211904
Acronis: suspicious
Malwarebytes: Trojan.Crypt.MSIL
SentinelOne: Static AI – Malicious PE
BitDefenderTheta: Gen:NN.ZemsilF.34582.wm0@aOlgI6li
AVG: Win32:TrojanX-gen [Trj]
CrowdStrike: win/malicious_confidence_70% (D)

How to remove MSIL/ClipBanker.ACA?

MSIL/ClipBanker.ACA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
