About “MSIL/GameTool.DT potentially unsafe” infection

The MSIL/GameTool.DT potentially unsafe is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/GameTool.DT potentially unsafe virus can do?

Performs HTTP requests potentially not found in PCAP.
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Attempts to modify proxy settings
Harvests cookies for information gathering

How to determine MSIL/GameTool.DT potentially unsafe?


File Info:
name: E073CBFC2064CEC07C9A.mlw
path: /opt/CAPEv2/storage/binaries/66354431463b5ec00355ac136bfd30bf4f69a03a4b92f8caabd2b4cba74126bd
crc32: B2D3E95D
md5: e073cbfc2064cec07c9a04cff01b2b49
sha1: 14346d7ab2ec1539c7251ccba13263a42d79c310
sha256: 66354431463b5ec00355ac136bfd30bf4f69a03a4b92f8caabd2b4cba74126bd
sha512: 84961ec71471cd7809b83b2cba1e93fb896f38494db7d28a6b58d876bd27f9e556f63d3841804d2d9a15c92f3f195e46d24bfce7e987f8c988bb12d1dd995ba6
ssdeep: 24576:JktDxKh0qcBElTYgH6HxbQPStZq88888s888l88t88IHiy3p4P1blLwBUDJEG9Lw:cKhUEJYgaHxb4W
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D1C53A072B95F611C42E69F34BF39FACF310CC49D6B6B3C74A14AA31BB8272D19A5518
sha3_384: aedcff09eed9fa84b9fcb95a453d2d4a5ae81cbe926a1422410ee361fd0a233eeb4ce6fceeadb8b409e8363b47da66ef
ep_bytes: ff250020400000000000cdcc4c3ecdcc
timestamp: 2023-07-10 17:15:17

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: Launcher Free
FileVersion: 1.0.0.0
InternalName: Launcher.exe
LegalCopyright: Copyright © ExileMu 2018
LegalTrademarks: 
OriginalFilename: Launcher.exe
ProductName: Launcher Free
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/GameTool.DT potentially unsafe also known as:

Lionic	Trojan.Win32.Game.4!c
CAT-QuickHeal	Trojan.GenericFC.S30117450
McAfee	Artemis!E073CBFC2064
Malwarebytes	RiskWare.GameTool
Zillya	Trojan.GameTool.Win32.3487
Cyren	W32/Trojan.GHK.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (moderate confidence)
ESET-NOD32	a variant of MSIL/GameTool.DT potentially unsafe
APEX	Malicious
Cynet	Malicious (score: 100)
Avast	Win32:Malware-gen
McAfee-GW-Edition	Artemis!Trojan
Trapmine	suspicious.low.ml.score
SentinelOne	Static AI – Suspicious PE
GData	Win32.Trojan.Agent.U53E6S
Antiy-AVL	RiskWare/MSIL.GameTool
Google	Detected
Cylance	unsafe
Ikarus	Trojan.Snojan
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/GameTool
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_60% (W)

How to remove MSIL/GameTool.DT potentially unsafe?

MSIL/GameTool.DT potentially unsafe removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X