MSIL/PSW.Agent.SSM information

The MSIL/PSW.Agent.SSM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/PSW.Agent.SSM virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine MSIL/PSW.Agent.SSM?


File Info:
name: DB2CA17569356451C409.mlw
path: /opt/CAPEv2/storage/binaries/a4c34aba393e16e8ad45df3ca01e359716c2cb1137307763f985b4c283692ff2
crc32: 92D64C81
md5: db2ca17569356451c4097ce82806fc1e
sha1: 21e8287ef84de3165cb4b1f30b584f6162e57b7d
sha256: a4c34aba393e16e8ad45df3ca01e359716c2cb1137307763f985b4c283692ff2
sha512: 273cd9e6cdc376ca177b86b0c13f31ac62fe50d9d33c35bd4e1a52d95db57e09ef0e39f9ae8e33b95e1d69af0fac8894b438ed2b8ab63e24bceb91c51a1a675d
ssdeep: 98304:H7NuSZTKA0t9FFPE7YVrsk9N8ivyhAdsPSQxJL73arcvr9omt4R8deUcIC4O+joW:Hdbk9fcwVN8iNIS4acz4ceUcI7j1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EE860216F3D140E4E9E74178C2BF5B13EAB474051320AAEB57904EA65F23BE2277E358
sha3_384: 3cc4a438369bbbbd6c05b5b35f432867a001daab0a408cdcfcc61e08a220cfd258ce4733e92a410aec34ec9a6c0d3ba2
ep_bytes: ff250020400000000000000000000000
timestamp: 2048-05-09 02:16:02

Version Info:
Translation: 0x0000 0x04b0
Comments: Basic Human Like Acting AI
CompanyName: 
FileDescription: Axie Infinity Auto Battle & Auto Farm Bot
FileVersion: 1.0.0.0
InternalName: AxieInfinityBot.exe
LegalCopyright: Copyright ©  2022
LegalTrademarks: 
OriginalFilename: AxieInfinityBot.exe
ProductName: 
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/PSW.Agent.SSM also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.39948219
FireEye	Generic.mg.db2ca17569356451
ALYac	Trojan.GenericKD.39948219
Cylance	Unsafe
VIPRE	Trojan.GenericKD.39948219
Sangfor	Trojan.Win32.Agent.V7fn
K7AntiVirus	Password-Stealer ( 005928261 )
Alibaba	TrojanPSW:MSIL/Stealer.0465d874
K7GW	Password-Stealer ( 005928261 )
Cybereason	malicious.ef84de
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/PSW.Agent.SSM
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Packed.Cerbu-9952791-0
Kaspersky	HEUR:Trojan-PSW.MSIL.Stealer.gen
BitDefender	Trojan.GenericKD.39948219
Avast	Win32:Trojan-gen
Tencent	Msil.Trojan-psw.Agent.Wrgm
Ad-Aware	Trojan.GenericKD.39948219
Emsisoft	Trojan.GenericKD.39948219 (B)
TrendMicro	TROJ_GEN.R002C0WG922
McAfee-GW-Edition	Artemis!Trojan
Sophos	Generic PUA CB (PUA)
SentinelOne	Static AI – Suspicious PE
GData	Trojan.GenericKD.39948219
Avira	TR/PSW.Agent.yuerk
Antiy-AVL	Trojan/Generic.ASMalwS.720E
Arcabit	Trojan.Generic.D2618FBB
Microsoft	Trojan:Win32/Wacatac.B!ml
Cynet	Malicious (score: 100)
McAfee	Artemis!DB2CA1756935
MAX	malware (ai score=82)
Malwarebytes	Spyware.PasswordStealer
TrendMicro-HouseCall	TROJ_GEN.R002C0WG922
Rising	Stealer.Agent!8.C2 (CLOUD)
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.SSM!tr.pws
BitDefenderTheta	Gen:NN.ZemsilF.34786.@p0@aOP5kYl
AVG	Win32:Trojan-gen
CrowdStrike	win/malicious_confidence_60% (W)

How to remove MSIL/PSW.Agent.SSM?

MSIL/PSW.Agent.SSM removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X