
MSIL/HackTool.BruteForce.ZH information

Malware Removal

MSIL/HackTool.BruteForce.ZH is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/HackTool.BruteForce.ZH virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics

How to identify MSIL/HackTool.BruteForce.ZH?


File Info:

name: 122077646DA00DBF8124.mlw
path: /opt/CAPEv2/storage/binaries/b67e4d44728214057860329c4fc234ce27e6f4b173e5007f36cc08305b80a195
crc32: D961C3AD
md5: 122077646da00dbf812450b63a916c92
sha1: beb11d1ec4ed3d1007607418fc65d2ad11a42e6d
sha256: b67e4d44728214057860329c4fc234ce27e6f4b173e5007f36cc08305b80a195
sha512: e7eaa080d37641dadd99a1dc77df5f381bbd7fc35e8cbb785c036660bff1fa91be3b5faa9f62d325b7c1f7281e1331421fa802f2fb0d01a267017e37b8d99f08
ssdeep: 6144:PDKW1Lgbdl0TBBvjc/nZqIfh0e35Oclpz7YVT5ute3mlemxi9nt/0TWlwsBF1RU5:Lh1Lk70Tnvjc/Zzfh0KTTz74TD3yTkhe
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10174CF1271C2E4B3C076107057B7C7E9DB29BC25076AD5DB76C92776AE342C276322C9
sha3_384: 4a736f68a6dcf06f0aff0e272251356113e446cc751ec5b5bb0b6e5c8866c8831c64dfc1e4ca357f07bac8eef0ebbc48
ep_bytes: e8e15c0000e9a4feffff8bff558bec83
timestamp: 2012-07-13 22:47:16

Version Info:

Translation: 0x0000 0x04b0
FileDescription: IG Cracker By 5.w6 - shamk
FileVersion: 1.0.0.0
InternalName: IG Cracker By 5.w6 - shamk.exe
LegalCopyright: Copyright © 2020
OriginalFilename: IG Cracker By 5.w6 - shamk.exe
ProductName: IG Cracker By 5.w6 - shamk
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/HackTool.BruteForce.ZH also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.35244104
FireEye: Generic.mg.122077646da00dbf
ALYac: Trojan.GenericKD.35244104
Cylance: Unsafe
Zillya: Trojan.Generic.Win32.1264569
Sangfor: Backdoor.Win32.Bladabindi.ml
K7AntiVirus: Hacktool ( 005692cc1 )
Alibaba: Trojan:MSIL/Generic.513754fb
K7GW: Hacktool ( 005692cc1 )
Cybereason: malicious.46da00
VirIT: Trojan.Win32.Dnldr17.BULL
ESET-NOD32: a variant of MSIL/HackTool.BruteForce.ZH
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.GenericKD.35244104
NANO-Antivirus: Trojan.Win32.BruteForce.icmnmb
Avast: Win32:TrojanX-gen [Trj]
Tencent: Win32.Trojan.Generic.Duma
Ad-Aware: Trojan.GenericKD.35244104
TACHYON: Backdoor/W32.Xtreme.340480
Sophos: Mal/Generic-S (PUA)
Comodo: Malware@#3brj5y5fjm668
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
Emsisoft: Trojan.GenericKD.35244104 (B)
Ikarus: Trojan.MSIL.Crypt
GData: Win32.Trojan.Sabsik.B
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Backdoor:Win32/Bladabindi!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Agent.C209064
Acronis: suspicious
McAfee: Artemis!122077646DA0
MAX: malware (ai score=87)
Rising: Trojan.Generic!8.C3 (CLOUD)
Yandex: Trojan.Agent!eDHnb5WAadA
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/Generic
BitDefenderTheta: Gen:NN.ZexaF.34212.uq0@a03mlok
AVG: Win32:TrojanX-gen [Trj]
CrowdStrike: win/malicious_confidence_60% (W)

How to remove MSIL/HackTool.BruteForce.ZH?

MSIL/HackTool.BruteForce.ZH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
