
PWS:MSIL/Mintluks!pz removal


PWS:MSIL/Mintluks!pz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the PWS:MSIL/Mintluks!pz virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Compiles .NET code into an executable and executes it
  • Deletes executed files from disk

How to identify PWS:MSIL/Mintluks!pz?


File Info:

name: 47BB81C50FEA6DC03B6C.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-07-11 02:40:40

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: tmp4B90.tmp.exe
LegalCopyright:
OriginalFilename: tmp4B90.tmp.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

PWS:MSIL/Mintluks!pz also known as:


How to remove PWS:MSIL/Mintluks!pz?

PWS:MSIL/Mintluks!pz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

How to remove “PWS:MSIL/Mintluks!pz”?


What can the PWS:MSIL/Mintluks!pz virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Compiles .NET code into an executable and executes it
  • Deletes executed files from disk

How to identify PWS:MSIL/Mintluks!pz?


File Info:

name: F7B7B50FB9A7A97B17AD.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-05-25 17:10:55

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: tmp4816.tmp.exe
LegalCopyright:
OriginalFilename: tmp4816.tmp.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

PWS:MSIL/Mintluks!pz also known as:


How to remove PWS:MSIL/Mintluks!pz?

PWS:MSIL/Mintluks!pz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
