MSIL/GameHack.AAG potentially unsafe malicious file

The MSIL/GameHack.AAG potentially unsafe is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/GameHack.AAG potentially unsafe virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine MSIL/GameHack.AAG potentially unsafe?


File Info:
name: 67F544E03A044B922053.mlw
path: /opt/CAPEv2/storage/binaries/bcc84348a6e5e0a5ba4268b62ee5363583f36678fb3c3b1045f0a145e0c588fd
crc32: 19445C97
md5: 67f544e03a044b922053233645c932c9
sha1: 845cc009727c3bfe75e2de908f217968b6085255
sha256: bcc84348a6e5e0a5ba4268b62ee5363583f36678fb3c3b1045f0a145e0c588fd
sha512: 33ed0c612396189232b46e5b697f50c01a1f631732a477875a9276e85b4c9be948eed8239530596a7e7a8c5bf0bf421d3b283e3f80134105fb1109d07e159164
ssdeep: 1536:mbt9wJX5buNVycgHGUoTU5v753g1QJi/dojro1A+BO3DD3ePuj3Id54QmjTOy63J:mjy5bSycgmBqUVEaQDDyK3E5mO2OP
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D2050720F284DE13DE6957746857C16170F6BE377832CA8BBD9637EE1CB2631A212748
sha3_384: 55624821f4ec33f84f17df87d94b003f3621d94aec66cac1b04b6ecb861146d365f6150bfd4b3fe05f9dd8bf4dd30175
ep_bytes: ff250020400000000000000000000000
timestamp: 2016-09-29 06:45:22

Version Info:
Translation: 0x0000 0x04b0
Comments: QN8kb1
CompanyName: FmVbdfvZ7OUTUWRh
FileDescription: Cgmu8NmSYcfExlXuyRpmyaLyhOl
FileVersion: 4.5.8.2
InternalName: OKkd2QWofNgPc.exe
LegalCopyright: FmVbdfvZ7OUTUWRh ©  2016
LegalTrademarks: FmVbdfvZ7OUTUWRh - All rights reserved
OriginalFilename: OKkd2QWofNgPc.exe
ProductName: Gorl00HCdwRMPANuYId8LL
ProductVersion: 4.5.8.2
Assembly Version: 6.4.2.1

MSIL/GameHack.AAG potentially unsafe also known as:

Lionic	Trojan.Win32.Amzvxln.4!c
Elastic	malicious (moderate confidence)
MicroWorld-eScan	Gen:Trojan.Heur.DNP.Ym0@amZvXln
FireEye	Gen:Trojan.Heur.DNP.Ym0@amZvXln
ALYac	Gen:Trojan.Heur.DNP.Ym0@amZvXln
Malwarebytes	Generic.Malware/Suspicious
VIPRE	Gen:Trojan.Heur.DNP.Ym0@amZvXln
Sangfor	Trojan.Win32.Agent.Vxwb
Cybereason	malicious.03a044
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/GameHack.AAG potentially unsafe
APEX	Malicious
BitDefender	Gen:Trojan.Heur.DNP.Ym0@amZvXln
McAfee-GW-Edition	Artemis
Emsisoft	Gen:Trojan.Heur.DNP.Ym0@amZvXln (B)
GData	Gen:Trojan.Heur.DNP.Ym0@amZvXln
MAX	malware (ai score=82)
Antiy-AVL	RiskWare/MSIL.Gamehack
Arcabit	Trojan.Heur.DNP.EDB90F
McAfee	Artemis!67F544E03A04
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H09EG23
BitDefenderTheta	AI:Packer.DAEC70C41F
DeepInstinct	MALICIOUS

How to remove MSIL/GameHack.AAG potentially unsafe?

MSIL/GameHack.AAG potentially unsafe removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X