What is “MSIL/Filecoder.AOH”?

MSIL/Filecoder.AOH is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Filecoder.AOH virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify MSIL/Filecoder.AOH?


File Info:

name: ECC744274F9013BCF492.mlw
path: /opt/CAPEv2/storage/binaries/7b3c570e77538bdaf91c7829248a294922a1aaa3e175a7d7cd2dbaf2f920265b
crc32: 7CFFE14B
md5: ecc744274f9013bcf492aff8b00a8d21
sha1: d7cb0b5203d8a8ef9f627d45122131695f917034
sha256: 7b3c570e77538bdaf91c7829248a294922a1aaa3e175a7d7cd2dbaf2f920265b
sha512: 0a5850fc18433816a83a22c79fe06a3c07c0c78d924bb6115a62cec8212b18006a8c825cd4a147e44fdfe9f7e41d97124f408fc2b2d202fdf1dbed94754d7718
ssdeep: 3072:Lt/fGt/fGt/fGt/fGt/fGt/fGt/fGt/fGt/fGt/fGt/fGt/f:LtnGtnGtnGtnGtnGtnGtnGtnGtnGtnGS
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T110C3E81C63E8C625F5BE477A5D7222816370F5839C3A876F218A631B3E3179489D3F62
sha3_384: a6f78af4baf7e6c9601bfb8a4caecc5db085e1c1f54aab04c76eb13514c0ef263937028a4cbd2d3f2884abb11354a416
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-02-11 07:20:07

Version Info:

Translation: 0x0000 0x04b0
FileDescription: Virus.win32RozbehStrike
FileVersion: 1.0.8076.42003
InternalName: Virus.win32RozbehStrike.exe
LegalCopyright: Copyright 2022
OriginalFilename: Virus.win32RozbehStrike.exe
ProductName: Virus.win32RozbehStrike
ProductVersion: 1.0.8076.42003
Assembly Version: 1.0.8076.42003

MSIL/Filecoder.AOH also known as:

Lionic: Trojan.Win32.Malicious.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
FireEye: Generic.mg.ecc744274f9013bc
McAfee: GenericRXRT-NV!ECC744274F90
Cylance: Unsafe
Zillya: Trojan.Filecoder.Win32.22473
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0058e55f1 )
K7GW: Trojan ( 0058e55f1 )
Cybereason: malicious.203d8a
Cyren: W32/Trojan.GMNK-8214
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Filecoder.AOH
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Ransom.MSIL.Encoder.gen
BitDefender: Trojan.GenericKD.38951292
MicroWorld-eScan: Trojan.GenericKD.38951292
Avast: Win32:MalwareX-gen [Trj]
Tencent: Malware.Win32.Gencirc.11e9a7ce
Ad-Aware: Trojan.GenericKD.38951292
Emsisoft: Trojan.GenericKD.38951292 (B)
DrWeb: Trojan.Encoder.34949
TrendMicro: Ransom_Encoder.R002C0WBH22
McAfee-GW-Edition: BehavesLike.Win32.Generic.ct
Sophos: Mal/Generic-S
Ikarus: Trojan-Ransom.FileCrypter
GData: Trojan.GenericKD.38951292
Jiangmin: Trojan.MSIL.amcne
Avira: TR/Ransom.xiibk
Antiy-AVL: Trojan[Ransom]/MSIL.Encoder
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D252597C
ZoneAlarm: HEUR:Trojan-Ransom.MSIL.Encoder.gen
Microsoft: Backdoor:Win32/Bladabindi!ml
AhnLab-V3: Trojan/Win.Generic.C4968345
VBA32: TScope.Trojan.MSIL
ALYac: Trojan.GenericKD.38951292
MAX: malware (ai score=82)
Malwarebytes: Trojan.MultiDropper
TrendMicro-HouseCall: Ransom_Encoder.R002C0WBH22
SentinelOne: Static AI – Malicious PE
Fortinet: MSIL/Filecoder.AOH!tr
BitDefenderTheta: Gen:NN.ZemsilCO.34232.hm3@aS@50wo
AVG: Win32:MalwareX-gen [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.73702460.susgen

How to remove MSIL/Filecoder.AOH?

MSIL/Filecoder.AOH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
