Ransom:MSIL/HiddenTear.PB!MTB removal

Ransom:MSIL/HiddenTear.PB!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom:MSIL/HiddenTear.PB!MTB virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Ransom:MSIL/HiddenTear.PB!MTB?

File Info:

name: EABB920F75C294311371.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2043-04-16 10:16:45

Version Info:

Translation: 0x0000 0x04b0
Comments: The Soviets Silver Monster
CompanyName:
FileDescription: SovietSilver
FileVersion: 1.0.0.3
InternalName: SS Encrypter.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: SS Encrypter.exe
ProductName: SS Encrypter
ProductVersion: 1.0.0.3
Assembly Version: 1.0.0.3

Ransom:MSIL/HiddenTear.PB!MTB is also known as:

Lionic: Trojan.MSIL.Agent.j!c
DrWeb: Trojan.EncoderNET.31374
MicroWorld-eScan: IL:Trojan.MSILZilla.8091
FireEye: Generic.mg.eabb920f75c29431
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
ALYac: Trojan.Ransom.HiddenTear
Malwarebytes: Malware.AI.183339482
Zillya: Trojan.Filecoder.Win32.18019
Sangfor: Ransom.MSIL.Agent.gen
K7AntiVirus: Trojan ( 0057931d1 )
Alibaba: Ransom:MSIL/HiddenTear.64aaa529
K7GW: Trojan ( 0057931d1 )
Cybereason: malicious.f75c29
BitDefenderTheta: Gen:NN.ZemsilF.36196.Qm0@aG0oobe
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: MSIL/Filecoder.AGR
APEX: Malicious
ClamAV: Win.Ransomware.Msilzilla-9956233-0
Kaspersky: HEUR:Trojan-Ransom.Win32.Generic
BitDefender: IL:Trojan.MSILZilla.8091
Avast: Win32:MalwareX-gen [Trj]
Rising: Ransom.SSEncrypter!1.D3DE (CLASSIC)
Emsisoft: IL:Trojan.MSILZilla.8091 (B)
F-Secure: Heuristic.HEUR/AGEN.1352145
VIPRE: IL:Trojan.MSILZilla.8091
TrendMicro: Ransom_RAMSIL.SM
McAfee-GW-Edition: Ransomware-FTD!EABB920F75C2
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: IL:Trojan.MSILZilla.8091
Jiangmin: Trojan.MSIL.wjyn
Google: Detected
Avira: HEUR/AGEN.1352145
Antiy-AVL: Trojan/MSIL.Filecoder
Xcitium: Malware@#22b5v29raqjua
Arcabit: IL:Trojan.MSILZilla.D1F9B
ZoneAlarm: HEUR:Trojan-Ransom.Win32.Generic
Microsoft: Ransom:MSIL/HiddenTear.PB!MTB
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win.Crypt.C4371497
McAfee: Ransomware-FTD!EABB920F75C2
MAX: malware (ai score=100)
VBA32: TScope.Trojan.MSIL
Cylance: unsafe
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_RAMSIL.SM
Tencent: Win32.Trojan.Generic.Qgil
Yandex: Trojan.Filecoder!xVdbNXSqhXg
Ikarus: Trojan-Ransom.FileCrypter
MaxSecure: Trojan.Malware.73429809.susgen
Fortinet: MSIL/Filecoder.AGR!tr.ransom
AVG: Win32:MalwareX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Ransom:MSIL/HiddenTear.PB!MTB?

Ransom:MSIL/HiddenTear.PB!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
