How to remove “MSIL/TrojanDownloader.Small.CIN”?

MSIL/TrojanDownloader.Small.CIN is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/TrojanDownloader.Small.CIN virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Possible date expiration check, exits too soon after checking local time
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics

How to identify MSIL/TrojanDownloader.Small.CIN?


File Info:

name: D33A16CD96939DF376EF.mlw
path: /opt/CAPEv2/storage/binaries/935fd0eb4cfe59f30d9fb4d0269ed7225f5ce09a78611dc614551eae01d164d6
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-07-13 22:47:16

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: Putt.exe
LegalCopyright:
OriginalFilename: Putt.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/TrojanDownloader.Small.CIN also known as:

Lionic: Trojan.MSIL.Seraph.a!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Dopping.1
FireEye: Generic.mg.d33a16cd96939df3
McAfee: Artemis!D33A16CD9693
Cylance: Unsafe
Zillya: Downloader.Seraph.Win32.288
Sangfor: Trojan.Script.Phonzy.A
CrowdStrike: win/malicious_confidence_60% (D)
Alibaba: TrojanDownloader:MSIL/Seraph.c9c8c62d
K7GW: Trojan-Downloader ( 00575c921 )
K7AntiVirus: Trojan-Downloader ( 00575c921 )
BitDefenderTheta: Gen:NN.ZexaF.34212.jq0@aqwmkUo
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Small.CIN
Paloalto: generic.ml
Kaspersky: Trojan-Downloader.MSIL.Seraph.gv
BitDefender: Gen:Variant.Dopping.1
NANO-Antivirus: Trojan.Win32.Seraph.ihspgi
SUPERAntiSpyware: Trojan.Agent/Gen-MSIL
Avast: WAT:Blacked-AB [Trj]
Tencent: Msil.Trojan-downloader.Seraph.Wopm
Ad-Aware: Gen:Variant.Dopping.1
Emsisoft: Gen:Variant.Dopping.1 (B)
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
Sophos: Mal/Generic-S
Ikarus: Trojan-Downloader.MSIL.Small
GData: Win32.Trojan.Sabsik.B
Avira: HEUR/AGEN.1242291
Antiy-AVL: Trojan/Generic.ASMalwS.3112514
Arcabit: Trojan.Dopping.1
ZoneAlarm: Trojan-Downloader.MSIL.Seraph.gv
Microsoft: Trojan:Win32/Vigorf.A
Cynet: Malicious (score: 100)
Acronis: suspicious
ALYac: Gen:Variant.Dopping.1
MAX: malware (ai score=88)
Malwarebytes: Spyware.RedLineStealer
APEX: Malicious
Rising: Downloader.Small!8.B41 (CLOUD)
SentinelOne: Static AI – Malicious PE
Fortinet: Riskware/Seraph
AVG: WAT:Blacked-AB [Trj]
Cybereason: malicious.d96939

How to remove MSIL/TrojanDownloader.Small.CIN?

MSIL/TrojanDownloader.Small.CIN removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
