Categories: Risk

RiskWare.PasswordStealer.Discord malicious file

The RiskWare.PasswordStealer.Discord is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What RiskWare.PasswordStealer.Discord virus can do?

Yara rule detections observed from a process memory dump/dropped files/CAPE
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine RiskWare.PasswordStealer.Discord?


File Info:
name: B16C720B52AD85CF1906.mlwpath: /opt/CAPEv2/storage/binaries/c2d986774a3802a87c987914bf0284a88f209a4cd093834b531b148560705227crc32: 4AB0B883md5: b16c720b52ad85cf1906c03616f5ae85sha1: 4a77151a5e48e49f8916ac5bccb841fe1d811364sha256: c2d986774a3802a87c987914bf0284a88f209a4cd093834b531b148560705227sha512: ab87aaae7be88f1e78f6be471b0985ef0a9012fcc0c50ecd5b0c55effcdf86b6b98a14c4d9edf0d20055f10060d4cb4b90d819653b3acc1146884c9307e7ef9essdeep: 12288:7DbZ8lYMomK36i3Ufjd3YIAX6ZQs2XiOu3U3Qn0BrAYMthRiCQLrYlAB2:IomKqE9X6ZQ3XXQ0BrADltype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1B2351752B7B9CA53E29E1733D4E4D93887A0EC51D6A6E70F21D52EAB3C033A78D04356sha3_384: 91fff2c20e3affe47b8155f8be8af3cad6628bc9dd3e7e2e80937b7b65b78d6915a94c1e69754dc24c527610ee005edaep_bytes: ff250020400000000000000000000000timestamp: 2062-05-19 21:15:31
Version Info:
Translation: 0x0000 0x04b0Comments: The beta version of the injectorCompanyName: TRXSHFileDescription: TRXSHWare InjectorFileVersion: 1.0.0InternalName: TrxshWareInjector.exeLegalCopyright: 2022LegalTrademarks: OriginalFilename: TrxshWareInjector.exeProductName: TRXSHWareProductVersion: 1.0.0Assembly Version: 1.0.0.0

RiskWare.PasswordStealer.Discord also known as:

Bkav	W32.AIDetectNet.01
Lionic	Trojan.Win32.Disco.i!c
Elastic	malicious (moderate confidence)
DrWeb	Trojan.PWS.DiscordNET.48
MicroWorld-eScan	Trojan.GenericKD.61272706
FireEye	Trojan.GenericKD.61272706
McAfee	GenericRXUA-LF!B16C720B52AD
Cylance	Unsafe
Zillya	Trojan.Stealer.Win32.27189
Sangfor	Infostealer.Win32.Agent.V3oq
Alibaba	TrojanPSW:MSIL/Stealer.0c45bbd6
Cyren	W32/ABRisk.BWVF-4824
Symantec	ML.Attribute.HighConfidence
TrendMicro-HouseCall	TROJ_GEN.R002C0WHF22
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-PSW.MSIL.Stealer.gen
BitDefender	Trojan.GenericKD.61272706
Avast	Win32:PWSX-gen [Trj]
Tencent	Msil.Trojan-QQPass.QQRob.Wylw
Ad-Aware	Trojan.GenericKD.61272706
Emsisoft	Trojan.GenericKD.61272706 (B)
VIPRE	Trojan.GenericKD.61272706
TrendMicro	TROJ_GEN.R002C0WHF22
McAfee-GW-Edition	GenericRXUA-LF!B16C720B52AD
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
Google	Detected
Avira	TR/Redcap.ywuyn
Antiy-AVL	Trojan/Generic.ASMalwS.6EF0
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	MSIL.Trojan-Stealer.DiscordStealer.D
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.R512052
VBA32	Downloader.MSIL.gen.rexp
MAX	malware (ai score=86)
Malwarebytes	RiskWare.PasswordStealer.Discord
APEX	Malicious
Rising	Stealer.Discord!8.10A86 (CLOUD)
MaxSecure	Trojan.Malware.74396735.susgen
Fortinet	PossibleThreat
AVG	Win32:PWSX-gen [Trj]
Panda	Trj/Chgt.AD