MSIL/PSW.Agent.SNQ malicious file

MSIL/PSW.Agent.SNQ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/PSW.Agent.SNQ virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify MSIL/PSW.Agent.SNQ?


File Info:

name: 4F2DAB73B95927AA3AE3.mlw
path: /opt/CAPEv2/storage/binaries/34eee17fa47ad1e5cfac92c1bdf1e26becf169202ba1ea884b2df918662ed055
crc32: 53520BB1
md5: 4f2dab73b95927aa3ae37877ee6a1d08
sha1: e1f3e342d14a05ff2e912fe6dd6323f0922cf984
sha256: 34eee17fa47ad1e5cfac92c1bdf1e26becf169202ba1ea884b2df918662ed055
sha512: dd6b244aab115be1282847fe069dac02962c0589fa9d5145f7d1883a038c0f8f22f652cc916a281e3f12868c5b6ab30974c4c80cca0cba8dc10d0978d800c8a9
ssdeep: 6144:aaIO2IQS4eQT2oC66juXTxD2bVbEvBPPDjVwG:aa09hTvBHtwG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11A3409006AED8D62EB6E777AE1D54748477291830F23D3DB2E4C43E52D823D2CE8659B
sha3_384: bcd776b5672fc5dec551c26f2cfd00a23ea2278f9118ea2edb2598376579de3f123db46557b439f3c3b5d69d1dba2214
ep_bytes: ff250020400000000000000000000000
timestamp: 2058-03-19 07:55:24

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Kitsune
FileDescription: KitsuneFN
FileVersion: 1.0.0.0
InternalName: KitsuneFN.exe
LegalCopyright: Copyright © Kitsune 2021
LegalTrademarks:
OriginalFilename: KitsuneFN.exe
ProductName:
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/PSW.Agent.SNQ also known as:

MicroWorld-eScan: Trojan.GenericKD.38237714
FireEye: Generic.mg.4f2dab73b95927aa
McAfee: RDN/Generic PWS.y
Cylance: Unsafe
K7AntiVirus: Password-Stealer ( 00589d7d1 )
K7GW: Password-Stealer ( 00589d7d1 )
Cybereason: malicious.2d14a0
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/PSW.Agent.SNQ
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-PSW.MSIL.Disco.gen
BitDefender: Trojan.GenericKD.38237714
Avast: Win32:Trojan-gen
Tencent: Msil.Trojan-qqpass.Qqrob.Pegj
Ad-Aware: Trojan.GenericKD.38237714
Emsisoft: Trojan.GenericKD.38237714 (B)
TrendMicro: TROJ_GEN.R002C0PLC21
McAfee-GW-Edition: RDN/Generic PWS.y
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.38237714
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.34EAC1D
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D2477612
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
BitDefenderTheta: Gen:NN.ZemsilF.34084.om1@aKPOdWi
ALYac: Trojan.GenericKD.38237714
MAX: malware (ai score=82)
VBA32: CIL.HeapOverride.Heur
Malwarebytes: Spyware.DiscordStealer
TrendMicro-HouseCall: TROJ_GEN.R002C0PLC21
Ikarus: Trojan.MSIL.PSW
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.SNQ!tr.pws
Webroot: W32.Trojan.Gen
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_80% (W)

How to remove MSIL/PSW.Agent.SNQ?

MSIL/PSW.Agent.SNQ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
