Categories: Spy

MSIL/Spy.RedLine.A removal tips

The MSIL/Spy.RedLine.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What MSIL/Spy.RedLine.A virus can do?

Authenticode signature is invalid
CAPE detected the RedLine malware family
Binary compilation timestomping detected

How to determine MSIL/Spy.RedLine.A?


File Info:
name: 12395994C2A77067D926.mlwpath: /opt/CAPEv2/storage/binaries/ecf6f9dbb2194cf0f5690fa57d6c473974a8449bca5cf7a7183996bfd34c4536crc32: B29364F4md5: 12395994c2a77067d926bd55285ab85asha1: 4e49b31beff786ee2366557d53a5bff774c81de0sha256: ecf6f9dbb2194cf0f5690fa57d6c473974a8449bca5cf7a7183996bfd34c4536sha512: 5b15b579133a5f6d45c49afb49716325837072ee485a3190c351cfd14cd37be71b34a4802b189ab020251c441d3a6e5e94ba52242b8a32d2d7a27f5d36e8b870ssdeep: 3072:WSC+pNP81Q3kCNDsno0XNH8XJgYSwcPb3WMeaCpiu+:WSC+o10snjfEtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T11214F97063DC4E05C4BE1E3A80B8B95C75B1294E5485875E9AC8F3FE5D72F489A02BA3sha3_384: 26e375c2a4e157a0fd5b84316cc6fd173455c9ffc4b4ba5b497696cab9b606c1161c0eefb3a81f35dd0c1f70d0d584a6ep_bytes: ff250020400000000000000000000000timestamp: 2071-01-20 00:19:20
Version Info:
Translation: 0x0000 0x04b0Comments: Nokia Desktop ClientCompanyName: NokiaFileDescription: Nokia USB ToolFileVersion: 12.2.1InternalName: Womanishly.exeLegalCopyright: Nokia Inc. 2022OriginalFilename: Womanishly.exeProductName: Desktop USB ManagerProductVersion: 12.2.1Assembly Version: 312.23.2.0

MSIL/Spy.RedLine.A also known as:

Bkav	W32.AIDetectNet.01
tehtris	Generic.Malware
MicroWorld-eScan	Trojan.GenericKDZ.93709
ALYac	Trojan.GenericKDZ.93709
Cylance	Unsafe
Cyren	W32/MSIL_Kryptik.IDY.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Spy.RedLine.A
APEX	Malicious
ClamAV	Win.Trojan.Redline-9938775-1
Kaspersky	HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender	Trojan.GenericKDZ.93709
Avast	Win32:PWSX-gen [Trj]
Ad-Aware	Trojan.GenericKDZ.93709
Emsisoft	Trojan.GenericKDZ.93709 (B)
DrWeb	Trojan.PWS.Stealer.34723
VIPRE	Trojan.GenericKDZ.93709
McAfee-GW-Edition	GenericRXOO-JB!12395994C2A7
Trapmine	suspicious.low.ml.score
FireEye	Generic.mg.12395994c2a77067
Sophos	ML/PE-A
SentinelOne	Static AI – Suspicious PE
Google	Detected
Antiy-AVL	Trojan/MSIL.RedLineStealer
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Arcabit	Trojan.Generic.D16E0D
ZoneAlarm	HEUR:Trojan-Spy.MSIL.Stealer.gen
GData	MSIL.Trojan-Stealer.Redline.G
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.FRAX.C5198182
Acronis	suspicious
McAfee	GenericRXOO-JB!12395994C2A7
MAX	malware (ai score=87)
VBA32	Trojan.MSIL.InfoStealer.gen.U
Malwarebytes	Spyware.PasswordStealer.MSIL
Rising	Stealer.Agent!1.DC63 (CLASSIC)
Ikarus	Trojan.MSIL.Spy
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.DFY!tr
BitDefenderTheta	Gen:NN.ZemsilCO.34796.mm0@aarIcNi
AVG	Win32:PWSX-gen [Trj]
CrowdStrike	win/malicious_confidence_90% (D)