Categories: Crack

MSIL/HackTool.BruteForce.ZH information

The MSIL/HackTool.BruteForce.ZH is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What MSIL/HackTool.BruteForce.ZH virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Dynamic (imported) function loading detected
Yara rule detections observed from a process memory dump/dropped files/CAPE
Enumerates the modules from a process (may be used to locate base addresses in process injection)
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
CAPE detected the RedLine malware family
Anomalous binary characteristics

How to determine MSIL/HackTool.BruteForce.ZH?


File Info:
name: 122077646DA00DBF8124.mlwpath: /opt/CAPEv2/storage/binaries/b67e4d44728214057860329c4fc234ce27e6f4b173e5007f36cc08305b80a195crc32: D961C3ADmd5: 122077646da00dbf812450b63a916c92sha1: beb11d1ec4ed3d1007607418fc65d2ad11a42e6dsha256: b67e4d44728214057860329c4fc234ce27e6f4b173e5007f36cc08305b80a195sha512: e7eaa080d37641dadd99a1dc77df5f381bbd7fc35e8cbb785c036660bff1fa91be3b5faa9f62d325b7c1f7281e1331421fa802f2fb0d01a267017e37b8d99f08ssdeep: 6144:PDKW1Lgbdl0TBBvjc/nZqIfh0e35Oclpz7YVT5ute3mlemxi9nt/0TWlwsBF1RU5:Lh1Lk70Tnvjc/Zzfh0KTTz74TD3yTkhetype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T10174CF1271C2E4B3C076107057B7C7E9DB29BC25076AD5DB76C92776AE342C276322C9sha3_384: 4a736f68a6dcf06f0aff0e272251356113e446cc751ec5b5bb0b6e5c8866c8831c64dfc1e4ca357f07bac8eef0ebbc48ep_bytes: e8e15c0000e9a4feffff8bff558bec83timestamp: 2012-07-13 22:47:16
Version Info:
Translation: 0x0000 0x04b0FileDescription: IG Cracker By 5.w6 - shamkFileVersion: 1.0.0.0InternalName: IG Cracker By 5.w6 - shamk.exeLegalCopyright: Copyright ©  2020OriginalFilename: IG Cracker By 5.w6 - shamk.exeProductName: IG Cracker By 5.w6 - shamkProductVersion: 1.0.0.0Assembly Version: 1.0.0.0

MSIL/HackTool.BruteForce.ZH also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.35244104
FireEye	Generic.mg.122077646da00dbf
ALYac	Trojan.GenericKD.35244104
Cylance	Unsafe
Zillya	Trojan.Generic.Win32.1264569
Sangfor	Backdoor.Win32.Bladabindi.ml
K7AntiVirus	Hacktool ( 005692cc1 )
Alibaba	Trojan:MSIL/Generic.513754fb
K7GW	Hacktool ( 005692cc1 )
Cybereason	malicious.46da00
VirIT	Trojan.Win32.Dnldr17.BULL
ESET-NOD32	a variant of MSIL/HackTool.BruteForce.ZH
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Trojan.GenericKD.35244104
NANO-Antivirus	Trojan.Win32.BruteForce.icmnmb
Avast	Win32:TrojanX-gen [Trj]
Tencent	Win32.Trojan.Generic.Duma
Ad-Aware	Trojan.GenericKD.35244104
TACHYON	Backdoor/W32.Xtreme.340480
Sophos	Mal/Generic-S (PUA)
Comodo	Malware@#3brj5y5fjm668
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win32.Generic.fc
Emsisoft	Trojan.GenericKD.35244104 (B)
Ikarus	Trojan.MSIL.Crypt
GData	Win32.Trojan.Sabsik.B
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Backdoor:Win32/Bladabindi!ml
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Agent.C209064
Acronis	suspicious
McAfee	Artemis!122077646DA0
MAX	malware (ai score=87)
Rising	Trojan.Generic!8.C3 (CLOUD)
Yandex	Trojan.Agent!eDHnb5WAadA
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Riskware/Generic
BitDefenderTheta	Gen:NN.ZexaF.34212.uq0@a03mlok
AVG	Win32:TrojanX-gen [Trj]
CrowdStrike	win/malicious_confidence_60% (W)