Should I remove “MSIL/DllInject.ABR potentially unsafe”?

MSIL/DllInject.ABR potentially unsafe is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/DllInject.ABR potentially unsafe virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify MSIL/DllInject.ABR potentially unsafe?


File Info:

name: F7FFF99827DCA288FFB1.mlw
path: /opt/CAPEv2/storage/binaries/1c92a97839424fb9ab441542188be071456ea974069210273e4c9f3deb4a53aa
crc32: E8FB285F
md5: f7fff99827dca288ffb142bc8c0780c5
sha1: 2e0795db72c29aeec98a68cc38a9ea2c1a2cc8a5
sha256: 1c92a97839424fb9ab441542188be071456ea974069210273e4c9f3deb4a53aa
sha512: 8b4f5b46da51d064cf1643cc31331b187530ff1f78c209d68c552c43d417a9d59984db1a9aa5dd148a6ce47f3c6d585efcbf51dcded716079c1f8e5e97f85d05
ssdeep: 1536:ryHqlsgH7J87Leq54BkvLeq54BkgQDx0:ryHqlsgH0xgQDx0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C243D1906664F236E9ED10370D734A30ABF9459E4FAFDB69B5A4A12D1EB33030B10B52
sha3_384: 9f27be4255d3e6d9315a1ea4f6984467abee5449292eac241d62a6dc9c03f15b39033afb7a9aff9a3c9dc00516b18c69
ep_bytes: ff250020400000000000000000000000
timestamp: 2066-05-08 14:20:55

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Trigon Evo Simple UI
FileVersion: 1.0.0.0
InternalName: Trigon Evo Simple UI.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: Trigon Evo Simple UI.exe
ProductName: Trigon Evo Simple UI
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/DllInject.ABR potentially unsafe is also known as:

Lionic: Trojan.Win32.Convagent.4!c
MicroWorld-eScan: Trojan.GenericKD.47510104
McAfee: Artemis!F7FFF99827DC
Malwarebytes: MachineLearning/Anomalous.95%
K7AntiVirus: Unwanted-Program ( 005420f11 )
K7GW: Unwanted-Program ( 005420f11 )
Cybereason: malicious.b72c29
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/DllInject.ABR potentially unsafe
APEX: Malicious
Paloalto: generic.ml
Kaspersky: VHO:Trojan.Win32.Convagent.gen
BitDefender: Trojan.GenericKD.47510104
Ad-Aware: Trojan.GenericKD.47510104
Emsisoft: Trojan.GenericKD.47510104 (B)
McAfee-GW-Edition: Artemis!Trojan
FireEye: Trojan.GenericKD.47510104
Sophos: Mal/MSIL-AX
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.47510104
MaxSecure: Trojan.Malware.300983.susgen
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D2D4F258
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
MAX: malware (ai score=82)
Ikarus: Trojan-Ransom.ShellLocker
Fortinet: Malicious_Behavior.SB
Webroot: W32.Trojan.Gen
CrowdStrike: win/malicious_confidence_60% (W)

How to remove MSIL/DllInject.ABR potentially unsafe?

MSIL/DllInject.ABR potentially unsafe removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
