How to remove “Trojan.CoinMiner.MSIL”?

The Trojan.CoinMiner.MSIL is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.CoinMiner.MSIL virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to identify Trojan.CoinMiner.MSIL?


File Info:

name: 3830003C7B87F023221B.mlw
path: /opt/CAPEv2/storage/binaries/242f443bd7477517533be870533da62384023076d0e2149c70cf84c470424665
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-12-06 15:24:20

Version Info:

Translation: 0x0000 0x04b0
Comments: Shell Infrastructure Host
FileDescription: Shell Infrastructure Host
FileVersion: 10.0.19041.746
InternalName: test6-watchdog.exe
LegalCopyright: © Microsoft Corporation. All Rights Reserved.
OriginalFilename: test6-watchdog.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.746
Assembly Version: 0.0.0.0

Trojan.CoinMiner.MSIL also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.47609461
FireEye: Generic.mg.3830003c7b87f023
Cylance: Unsafe
K7AntiVirus: Trojan ( 0057f9af1 )
Alibaba: Trojan:Win32/CoinMiner.cb0844dd
CrowdStrike: win/malicious_confidence_90% (W)
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Win32/CoinMiner.CGV
APEX: Malicious
BitDefender: Trojan.GenericKD.47609461
Avast: Win32:Trojan-gen
Tencent: Trojan.Win64.BitCoinMiner.16000099
Ad-Aware: Trojan.GenericKD.47609461
Sophos: Mal/Generic-S
McAfee-GW-Edition: Artemis!Trojan
Emsisoft: Trojan.GenericKD.47609461 (B)
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.47609461
Webroot: W32.Coinminer.Gen
Avira: TR/Dropper.MSIL.Gen
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
McAfee: RDN/Generic.rp
MAX: malware (ai score=89)
Malwarebytes: Trojan.CoinMiner.MSIL
TrendMicro-HouseCall: TROJ_GEN.R002H0AL921
Yandex: Trojan.CoinMiner!T+SKkDUP5Vo
Ikarus: Trojan.Win32.CoinMiner
Fortinet: W32/Miner.CGV!tr
BitDefenderTheta: Gen:NN.ZemsilCO.34084.am0@aObwrpf
AVG: Win32:Trojan-gen
Cybereason: malicious.266f47

How to remove Trojan.CoinMiner.MSIL?

Trojan.CoinMiner.MSIL removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
