Trojan-Banker.MSIL.IcedID information

Trojan-Banker.MSIL.IcedID is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Banker.MSIL.IcedID virus do?

  • Presents an Authenticode digital signature
  • The binary likely contains encrypted or compressed data
  • Network activity detected but not expressed in API logs

How to identify Trojan-Banker.MSIL.IcedID?


File Info:

crc32: A281845E
md5: 16a11f50f6925fca61040f2e0a834b89
name: 16A11F50F6925FCA61040F2E0A834B89.mlw
sha1: 4179ea5b096750082e177dddedf3a46f1576ef91
sha256: e95d92772e18190dbde834744c74aa2ab7fda3b01e1ca839fabb8a4285b4e148
sha512: 309b46e3e09e77a96a3ecc06a06a62fc7111e15383aefb8eed8c9be11c700774749d55f6dd7e2fb172bc74525a52c888e9aac6c49b217e4a0bc3b247676a075c
ssdeep: 24576:g5f8fTVFBMXoyfmp18d41OpH2c4n1MNPOIiPPo9ItIDvGYLDKbkxChx4ZVx:hmX4nWNPOIwPbI6EKAxChx6
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

LegalCopyright: © Zoom Video Communications, Inc. All rights reserved.
InternalName: Zoom Meetings Installer
FileVersion: 5,6,0,0
CompanyName: Zoom Video Communications, Inc.
LegalTrademarks: Zoom Meetings Installer
Comments: Zoom Meetings Installer
ProductName: Zoom Meetings Installer
ProductVersion: 5,6,0,0
FileDescription: Zoom Meetings Installer
OriginalFilename: Zoom Meetings Installer
Translation: 0x0409 0x04e4

Trojan-Banker.MSIL.IcedID is also known as:

K7AntiVirus: Trojan ( 0057c06c1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Stealer.30396
ALYac: Trojan.GenericKD.46254675
Cylance: Unsafe
Sangfor: Riskware.Win32.Agent.ky
Alibaba: Trojan:Win32/Kryptik.ali2000016
K7GW: Trojan ( 0057c06c1 )
Cyren: W32/Trojan.ECBJ-7606
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.AATY
Avast: Win32:MalwareX-gen [Trj]
Kaspersky: HEUR:Trojan-Banker.MSIL.IcedID.gen
BitDefender: Trojan.GenericKD.46254675
MicroWorld-eScan: Trojan.GenericKD.46254675
Ad-Aware: Trojan.GenericKD.46254675
Sophos: Mal/Generic-S
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Trojan.MSIL.KRYPTIK.USMANE721
McAfee-GW-Edition: PWS-FCWJ!16A11F50F692
FireEye: Generic.mg.16a11f50f6925fca
Emsisoft: Trojan.GenericKD.46254675 (B)
Microsoft: Trojan:Win32/AgentTesla!ml
GData: MSIL.Trojan-Stealer.NetSteal.KN7BJH
McAfee: Artemis!16A11F50F692
MAX: malware (ai score=86)
Malwarebytes: Malware.AI.1182150101
Panda: Trj/CI.A
TrendMicro-HouseCall: Trojan.MSIL.KRYPTIK.USMANE721
Rising: Trojan.Kryptik!8.8 (CLOUD)
Ikarus: Trojan.MSIL.Crypt
Fortinet: MSIL/Kryptik.AATY!tr
AVG: Win32:MalwareX-gen [Trj]
Paloalto: generic.ml

How to remove Trojan-Banker.MSIL.IcedID?

Trojan-Banker.MSIL.IcedID removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
