MSIL/Filecoder.BCH removal

The MSIL/Filecoder.BCH is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Filecoder.BCH virus can do?

Authenticode signature is invalid
Binary compilation timestomping detected

How to determine MSIL/Filecoder.BCH?


File Info:
name: 82BC37C043B37647B3F5.mlw
path: /opt/CAPEv2/storage/binaries/e7483367239cf73d950610aecb1a51b88d877c4ffad931d2066b4c7e75dff8fb
crc32: CE7974D2
md5: 82bc37c043b37647b3f59d42174a25aa
sha1: a8ce4489add342d61d57e4ff902c8795c05aa312
sha256: e7483367239cf73d950610aecb1a51b88d877c4ffad931d2066b4c7e75dff8fb
sha512: 38ef9546946022357fce137a741c153afa69044a85d8443d7c8477f3867c4c4c5fd9963be9b9d81a80135f06cf2a3518bf1ba1e90b96eb939e3101fcf11f24b5
ssdeep: 768:mL0b0dItXb8QRfNQSU3R025TxifLU3R025Txif0U3R025TxifM9uQz:g0bFtL8yfa3Bt3Bk3B2
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16263F7112553C13EC0E1D53D78C2A78593622DAEBC18FA64398B7FE9A46BE174CB0379
sha3_384: 78a77a465633b8414f3e7f965e87b97aea168f4f6cff40178272b4f759c81ea70ced80d2f6831d6a31daad2d3ba38725
ep_bytes: ff250020400000000000000000000000
timestamp: 2052-06-15 09:58:55

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: file Help Company
FileDescription: amozesh
FileVersion: 1.2.0.0
InternalName: amozesh.exe
LegalCopyright: Copyright ©  2024
LegalTrademarks: 
OriginalFilename: amozesh.exe
ProductName: amozesh
ProductVersion: 1.2.0.0
Assembly Version: 1.2.0.0

MSIL/Filecoder.BCH also known as:

Bkav	W32.Common.E0121C50
Lionic	Trojan.Win32.GenericCryptor.j!c
MicroWorld-eScan	Gen:Heur.Ransom.HiddenTears.1
FireEye	Gen:Heur.Ransom.HiddenTears.1
CAT-QuickHeal	TrojanRansom.MSIL
Skyhigh	Artemis!Trojan
McAfee	Artemis!82BC37C043B3
Cylance	unsafe
Sangfor	Ransom.Msil.Agent.Vpjq
Alibaba	Ransom:MSIL/Filecoder.859db232
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Filecoder.BCH
APEX	Malicious
Kaspersky	HEUR:Trojan-Ransom.MSIL.GenericCryptor.gen
BitDefender	Gen:Heur.Ransom.HiddenTears.1
Avast	Win32:RansomX-gen [Ransom]
Emsisoft	Gen:Heur.Ransom.HiddenTears.1 (B)
F-Secure	Trojan.TR/Redcap.rhlnr
VIPRE	Gen:Heur.Ransom.HiddenTears.1
TrendMicro	Ransom.MSIL.BOSSOB.THBBHBD
Sophos	Mal/Generic-S
Ikarus	Gen.Ransom.HiddenTears
GData	Gen:Heur.Ransom.HiddenTears.1
Google	Detected
Avira	TR/Redcap.rhlnr
Antiy-AVL	Trojan/Win32.Agent
Kingsoft	MSIL.Trojan-Ransom.GenericCrypt.gen
Arcabit	Trojan.Ransom.HiddenTears.1
ZoneAlarm	HEUR:Trojan-Ransom.MSIL.GenericCryptor.gen
Microsoft	Ransom:Win32/Genasom
Varist	W32/ABRisk.QUBQ-4227
MAX	malware (ai score=80)
Malwarebytes	Generic.Malware/Suspicious
Panda	Trj/RansomGen.A
TrendMicro-HouseCall	Ransom.MSIL.BOSSOB.THBBHBD
Fortinet	PossibleThreat
AVG	Win32:RansomX-gen [Ransom]
DeepInstinct	MALICIOUS

How to remove MSIL/Filecoder.BCH?

MSIL/Filecoder.BCH removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X