What is “Trojan-Downloader.MSIL.Crypt”?

Trojan-Downloader.MSIL.Crypt is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Downloader.MSIL.Crypt virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify Trojan-Downloader.MSIL.Crypt?


File Info:

name: 0B91BF8D3428042DF47E.mlw
path: /opt/CAPEv2/storage/binaries/df97e47792b584e614dfe0d5bfdef4c8fb9f126440afad9240ea6d95dccf2da1
crc32: D0FB6D9F
md5: 0b91bf8d3428042df47edca588a90fde
sha1: cb218de16afffa249659c82f4e71925f6aa9fa5d
sha256: df97e47792b584e614dfe0d5bfdef4c8fb9f126440afad9240ea6d95dccf2da1
sha512: a6eba3bf81aa57a0c0d6e579fe19213aa041258fdfdc88b6767b1602cefe2250f9fa5216f1f0f61d94813f478c9bc7ffd4a6080d1a2d4d669df6da59013919c8
ssdeep: 96:FS0LZrbq6cLc42C9hqnXLXzKbli8QvzNt:Aibq6cbRhYjKblG5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F5D1A511A3C84B77DDB60B325C7292404779F691AC6BDB6D6C84321FAD2B3254BA2F30
sha3_384: b65a8402fcad1bad31b6a3374c248f734edf52c581a9c90bb3254b1c359ca7e507d88594b182d67fbb03100c40f3d099
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-11-28 19:41:12

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: server
FileVersion: 1.0.0.0
InternalName: server.exe
LegalCopyright: Copyright © 2017
LegalTrademarks:
OriginalFilename: server.exe
ProductName: server
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan-Downloader.MSIL.Crypt also known as:

Lionic: Trojan.MSIL.Crypt.a!c
MicroWorld-eScan: Trojan.GenericKD.38137042
FireEye: Generic.mg.0b91bf8d3428042d
McAfee: Artemis!0B91BF8D3428
Zillya: Downloader.Agent.Win32.455522
CrowdStrike: win/malicious_confidence_70% (W)
Alibaba: TrojanDownloader:MSIL/Generic.59b79199
K7GW: Trojan-Downloader ( 0057688f1 )
Cybereason: malicious.16afff
BitDefenderTheta: Gen:NN.ZemsilF.34062.am0@aCahcUk
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.HEV
TrendMicro-HouseCall: TROJ_GEN.R002H0AKS21
Kaspersky: HEUR:Trojan-Downloader.MSIL.Crypt.gen
BitDefender: Trojan.GenericKD.38137042
Avast: Win32:Trojan-gen
Tencent: Msil.Trojan-downloader.Agent.Hoz
Ad-Aware: Trojan.GenericKD.38137042
Sophos: Mal/Generic-S
McAfee-GW-Edition: Artemis!Trojan
SentinelOne: Static AI – Malicious PE
Emsisoft: Trojan.GenericKD.38137042 (B)
APEX: Malicious
GData: Trojan.GenericKD.38137042
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1135868
Arcabit: Trojan.Generic.D245ECD2
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
VBA32: TScope.Trojan.MSIL
ALYac: Trojan.GenericKD.38137042
MAX: malware (ai score=85)
Ikarus: Trojan-Downloader.MSIL.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.HEV!tr.dldr
AVG: Win32:Trojan-gen
Panda: Trj/CI.A

How to remove Trojan-Downloader.MSIL.Crypt?

Trojan-Downloader.MSIL.Crypt removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
