How to remove “MSIL:GenMalicious-PG [Trj]”?

The MSIL:GenMalicious-PG [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the MSIL:GenMalicious-PG [Trj] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Creates a copy of itself
  • Creates known Njrat/Bladabindi RAT registry keys

How to identify MSIL:GenMalicious-PG [Trj]?

File Info:

name: AA168664A005ECBB05BB.mlw
path: /opt/CAPEv2/storage/binaries/f098f5e427530efff4b3bb57aaab04c7ea4c9aaed638e1df95ce0af859a1e70e
crc32: 339657B4
md5: aa168664a005ecbb05bb24c1c657c3d8
sha1: 0a35c9326ee65eb325b0ac5a181ba255ab847303
sha256: f098f5e427530efff4b3bb57aaab04c7ea4c9aaed638e1df95ce0af859a1e70e
sha512: a0b7d43bdadfe95f902d249db293e0fd9845772455442026d0bde5b2537eb2bc1e7dc6db53a949cd1508a48a8f9ceb4baf03c960d393d16f81261b99e9d99c68
ssdeep: 3072:WUWwMvVNbWYSNSIBJDlyqGrPxQl8epEPOKG04oWW95j7+ydtIBXUiD:AtdE1FKaEP24W0JdyR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T162D30225A7E62535CB9FCE3344796F109AB15701CC0BDECD45A83AB94AB37D06BD228C
sha3_384: 89c83fba02f7442060143b2cd2dfbe1562ad7d98b8d00ac6731fcb0fcd3696216c70dabf25219adadb0b55d64f75b00e
ep_bytes: ff250020400000000000000000000000
timestamp: 2015-07-22 15:13:25

Version Info:

Translation: 0x0000 0x04b0
FileDescription: WindowsApplication1
FileVersion: 1.0.0.0
InternalName: WindowsApplication1.exe
LegalCopyright: Copyright © 2015
OriginalFilename: WindowsApplication1.exe
ProductName: WindowsApplication1
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL:GenMalicious-PG [Trj] also known as:

Bkav: W32.AIDetectNet.01
Lionic: Heuristic.File.Generic.00×1!p
MicroWorld-eScan: Gen:Heur.MSIL.Androm.9
ClamAV: Win.Packed.Lynx-6899009-0
FireEye: Generic.mg.aa168664a005ecbb
ALYac: Gen:Heur.MSIL.Androm.9
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.282569
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0055e39a1 )
K7GW: Trojan ( 0055e39a1 )
CrowdStrike: win/malicious_confidence_100% (W)
Baidu: MSIL.Trojan.Injector.aq
VirIT: Trojan.Win32.MSIL8.BCML
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Injector.CKR
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Heur.MSIL.Androm.9
NANO-Antivirus: Trojan.Win32.BFQ.duhgsn
Avast: MSIL:GenMalicious-PG [Trj]
Ad-Aware: Gen:Heur.MSIL.Androm.9
Sophos: ML/PE-A + Mal/MSILInj-AM
Comodo: Malware@#2hqnvdh4qwvrb
DrWeb: Trojan.InjectNET.7
VIPRE: Gen:Heur.MSIL.Androm.9
McAfee-GW-Edition: Artemis!Trojan
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Heur.MSIL.Androm.9 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Heur.MSIL.Androm.9
Jiangmin: Trojan/Generic.bgysj
Avira: TR/Dropper.Gen
MAX: malware (ai score=80)
Antiy-AVL: Trojan/Generic.ASMalwS.3303
Kingsoft: Win32.Troj.Undef.(kcloud)
Arcabit: Trojan.MSIL.Androm.9
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Dynamer!ac
Google: Detected
AhnLab-V3: Trojan/Win32.Bladabindi.C682605
Acronis: suspicious
McAfee: Artemis!AA168664A005
Malwarebytes: PUP.Optional.Amonetize
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:Asim6AycOej6i5T6aDGXUw)
Yandex: Trojan.Agent!0BJAINdkPgs
Ikarus: Trojan.Inject
Fortinet: MSIL/Injector.BFO!tr
BitDefenderTheta: Gen:NN.ZemsilF.34592.im0@a8GLQMj
AVG: MSIL:GenMalicious-PG [Trj]
Panda: Trj/CI.A

How to remove MSIL:GenMalicious-PG [Trj]?

MSIL:GenMalicious-PG [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.