Should I remove “MSIL/Filecoder.BCL”?

The MSIL/Filecoder.BCL is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Filecoder.BCL virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine MSIL/Filecoder.BCL?


File Info:
name: 157DFF66158AA0968E7B.mlw
path: /opt/CAPEv2/storage/binaries/1077514b92770d240077990933590f2749348bcb3810dfbff8d5e9af1e369fdc
crc32: A346A073
md5: 157dff66158aa0968e7b82d6c6411802
sha1: f1b7216cfc060f2edfbaec43bfc778db347ecee6
sha256: 1077514b92770d240077990933590f2749348bcb3810dfbff8d5e9af1e369fdc
sha512: ca22acbccefe9032e92e2ea3af92aa125c01da8cec6879fee6f745265d7393c919e8ac6ed1cefd187747ab516bd16ceeabf812599539417bf50a27b50c1fdeca
ssdeep: 6144:gfuqa6EilzE6AKEd/9LagjPuoWsLOh+pmNcgJE:gfa0l4vdd/99LuILOsMN
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19D749EE12EA14B4BCC14DE7D82DBDD602FE25E975A3D919E3E54328A34BD260F940F90
sha3_384: 28b2527342776b0c17ec3ddad4073a01e38d95dc787b1f7340e09bed0f41740d167ed22edc01213ba74d4859b75dd446
ep_bytes: ff250020400000000000000000000000
timestamp: 2101-05-29 18:57:45

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: malwrhunterteam
FileVersion: 1.0.0.0
InternalName: MalwareHunterTeam malwrhunterteam Ransomware.exe
LegalCopyright: Copyright © MalwareHunterTeam 2024
LegalTrademarks: 
OriginalFilename: MalwareHunterTeam malwrhunterteam Ransomware.exe
ProductName: malwrhunterteam
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Filecoder.BCL also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.72048838
FireEye	Generic.mg.157dff66158aa096
Skyhigh	Artemis!Trojan
McAfee	Artemis!157DFF66158A
Cylance	unsafe
Sangfor	Ransom.Win32.Agent.V2jz
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of MSIL/Filecoder.BCL
APEX	Malicious
TrendMicro-HouseCall	Ransom.MSIL.HUNTR.THCBOBD
BitDefender	Trojan.GenericKD.72048838
Avast	Win32:RansomX-gen [Ransom]
Sophos	Mal/Genasom-A
F-Secure	Trojan.TR/AD.Nekark.oyurp
TrendMicro	Ransom.MSIL.HUNTR.THCBOBD
Trapmine	malicious.high.ml.score
Emsisoft	Trojan.GenericKD.72048838 (B)
Ikarus	Trojan.MSIL.Crypt
Google	Detected
Avira	TR/AD.Nekark.oyurp
Varist	W32/ABRisk.JJFE-9240
Antiy-AVL	Trojan/Win32.Wacatac
Microsoft	Ransom:Win32/Genasom
Arcabit	Trojan.Generic.D44B60C6
GData	Win32.Trojan.Agent.ZEGHAD
MAX	malware (ai score=81)
Malwarebytes	Ransom.FileCryptor
Rising	Ransom.Agent!8.6B7 (CLOUD)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Filecoder.BCL!tr
BitDefenderTheta	Gen:NN.ZemsilF.36802.vq0@aKs1m!g
AVG	Win32:RansomX-gen [Ransom]
DeepInstinct	MALICIOUS

How to remove MSIL/Filecoder.BCL?

MSIL/Filecoder.BCL removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X