MSIL:GenMalicious-NJ [Trj] removal guide

The MSIL:GenMalicious-NJ [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL:GenMalicious-NJ [Trj] virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine MSIL:GenMalicious-NJ [Trj]?


File Info:
name: 063A7CE4DF4C2ECA2D7A.mlw
path: /opt/CAPEv2/storage/binaries/9895560114b21cb0df20cade8b20037915b7b23aa057d816371c4b5718ac1018
crc32: FB6E8077
md5: 063a7ce4df4c2eca2d7ad818516cd691
sha1: b218bf79db8871441c988ddc19200621c16e46e7
sha256: 9895560114b21cb0df20cade8b20037915b7b23aa057d816371c4b5718ac1018
sha512: e5779a7627e4178216e5f4d3a960d4afba36ba21dc971c684ee67982b8f61dc0fd838464f0955f91feb36c86cf2ca2477cbdab618fbc05189470f6198f87ecae
ssdeep: 1536:5pDax1kANo/LOdVvnMv3AGW6ajIPqdylkwtjxgE1:uxWANo/LOzvn+/UcmwtVgE1
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14673E04FAF079579C8D95F36C56346942BBA8E4272B3BB3B598834342EF335C8846160
sha3_384: 96f47d28e0d0112fbae6c38a3b3b8ddaab3581f5fadc1a47857b08c8eaf7ce61619a6a8cacc36407fbb05747e9fa9819
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-09-22 05:09:09

Version Info:
Translation: 0x0000 0x04b0
Comments: server
CompanyName: server
FileDescription: server
FileVersion: 0
InternalName: server.exe
LegalCopyright: server
LegalTrademarks: server
OriginalFilename: server.exe
ProductName: server
ProductVersion: 0
Assembly Version: 0.0.0.0

MSIL:GenMalicious-NJ [Trj] also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Generic.m2bo
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Heur.MSIL.Krypt.!cdmip!.2
FireEye	Generic.mg.063a7ce4df4c2eca
Skyhigh	Artemis!Trojan
McAfee	Artemis!063A7CE4DF4C
Cylance	unsafe
Zillya	Trojan.Generic.Win32.1250275
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Trojan:MSIL/GenMalicious.5c61a4af
Arcabit	Trojan.MSIL.Krypt.!cdmip!.2
BitDefenderTheta	Gen:NN.ZemsilF.36744.em0@aauOGjh
Symantec	ML.Attribute.HighConfidence
Cynet	Malicious (score: 100)
APEX	Malicious
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Heur.MSIL.Krypt.!cdmip!.2
NANO-Antivirus	Trojan.Win32.Krypt.iatozn
Avast	MSIL:GenMalicious-NJ [Trj]
Tencent	Win32.Trojan.Generic.Ikjl
Emsisoft	Gen:Heur.MSIL.Krypt.!cdmip!.2 (B)
F-Secure	Trojan.TR/Dropper.Gen
VIPRE	Gen:Heur.MSIL.Krypt.!cdmip!.2
Trapmine	malicious.high.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.DeepSea
Jiangmin	Trojan.Generic.ginpo
Avira	TR/Dropper.Gen
Antiy-AVL	Trojan/Win32.AGeneric
Microsoft	Trojan:Win32/Ymacco.AA98
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Heur.MSIL.Krypt.!cdmip!.2
Google	Detected
VBA32	TScope.Trojan.MSIL
MAX	malware (ai score=89)
Malwarebytes	MachineLearning/Anomalous.96%
Panda	Trj/CI.A
Rising	Malware.Obfus/MSIL@AI.98 (RDM.MSIL2:uPSx8/RFzn0D7FC3ZBtt7w)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Generic.AP.CFB3CCA!tr
AVG	MSIL:GenMalicious-NJ [Trj]
Cybereason	malicious.9db887
DeepInstinct	MALICIOUS

How to remove MSIL:GenMalicious-NJ [Trj]?

MSIL:GenMalicious-NJ [Trj] removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X