Spyware:MSIL/BlitzedGrabberV12.B!MTB information

The Spyware:MSIL/BlitzedGrabberV12.B!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Spyware:MSIL/BlitzedGrabberV12.B!MTB virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics
CAPE detected the StormKitty malware family

How to determine Spyware:MSIL/BlitzedGrabberV12.B!MTB?


File Info:
name: 1D3E0D7571EA85D07DFA.mlw
path: /opt/CAPEv2/storage/binaries/388c2eed220940851a247d8a6336f62595d0d8f0e3bfbb450396df478c0075ca
crc32: C2331F27
md5: 1d3e0d7571ea85d07dfa30e97d4047d2
sha1: c53118f0e19b99ecebe3ea9bdd4ed7c3eb1c2860
sha256: 388c2eed220940851a247d8a6336f62595d0d8f0e3bfbb450396df478c0075ca
sha512: 079065d313775a96b06308ca8f530dfcead339ea70f676a47706900d3ad04547cce8b28a6d61473a5a394166ff60612651a35dc9d0c0e4278dacdd20753dec5b
ssdeep: 1536:xx3XtG2k+nUmkC24iDlL5wzVOLh9wHDM:xxNk+nUmkCuSILh9wHDM
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1CF533A457BEA5614E6FE8FBD94B102259331F063A822EF6F1CC8549C05F2784C964BEB
sha3_384: f728e24baffc76c62af28e8d1515dbcb290f4db49c669ec5dac1b7b55969f23e30555068cb465efeb7dbeedde6674889
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-07-02 04:16:12

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: slasher_cash.exe
LegalCopyright:  
OriginalFilename: slasher_cash.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Spyware:MSIL/BlitzedGrabberV12.B!MTB also known as:

Bkav	W32.AIDetectNet.01
MicroWorld-eScan	IL:Trojan.MSILZilla.15602
FireEye	Generic.mg.1d3e0d7571ea85d0
McAfee	GenericRXTK-TQ!1D3E0D7571EA
Cylance	Unsafe
VIPRE	IL:Trojan.MSILZilla.15602
Sangfor	Virus.Win32.Save.a
Cybereason	malicious.0e19b9
Cyren	W32/Azorult.D.gen!Eldorado
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/PSW.Agent.SCI
APEX	Malicious
ClamAV	Win.Packed.Msilzilla-9952126-0
Kaspersky	HEUR:Trojan-PSW.MSIL.Disco.gen
BitDefender	IL:Trojan.MSILZilla.15602
Avast	Win32:PWSX-gen [Trj]
Ad-Aware	IL:Trojan.MSILZilla.15602
Emsisoft	IL:Trojan.MSILZilla.15602 (B)
DrWeb	Trojan.PWS.DiscordNET.50
McAfee-GW-Edition	GenericRXTK-TQ!1D3E0D7571EA
Trapmine	malicious.high.ml.score
Sophos	ML/PE-A
Ikarus	Trojan.MSIL.PSW
GData	MSIL.Trojan-Stealer.DiscordStealer.D
Avira	HEUR/AGEN.1203024
MAX	malware (ai score=89)
Arcabit	IL:Trojan.MSILZilla.D3CF2
Microsoft	Spyware:MSIL/BlitzedGrabberV12.B!MTB
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Generic.C5143894
ALYac	IL:Trojan.MSILZilla.15602
Malwarebytes	Spyware.PasswordStealer.MSIL
Rising	Stealer.Agent!8.C2 (TFE:dGZlOg0qc5jF0bwGoQ)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.SCI!tr.pws
BitDefenderTheta	Gen:NN.ZemsilF.34742.dm0@aqUV7ok
AVG	Win32:PWSX-gen [Trj]

How to remove Spyware:MSIL/BlitzedGrabberV12.B!MTB?

Spyware:MSIL/BlitzedGrabberV12.B!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X