Trojan.MSIL.Crypt.hxhg removal instruction

The Trojan.MSIL.Crypt.hxhg is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.MSIL.Crypt.hxhg virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Trojan.MSIL.Crypt.hxhg?


File Info:
name: 53EF8F4DF79871B77448.mlw
path: /opt/CAPEv2/storage/binaries/d72ea686b34fbff66778fca13e7c9078af3a11538b86637124c315f37b333028
crc32: 7DE2D913
md5: 53ef8f4df79871b77448ac7626c6ebb0
sha1: 1b64b0e34a856af0420cc146b986c9dc2945e439
sha256: d72ea686b34fbff66778fca13e7c9078af3a11538b86637124c315f37b333028
sha512: 88b603aed5df3767043be5d81b9973ab27ee23722f89611453f3a90ae8b1c2d717d8c02e82f53b9738f432cd12f084e7bbe925397dcb68ba25e9fdcad7295c4a
ssdeep: 96:M3nDVSB8tR5eA0cx6OuqD88z5qn421RlH+MIynUF0lncrDg+0kQjIiOtxQ/zNt:MT82tnew6TqD6VZIrqZcPgljIvc
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T102F1F708ABD4D232E9BE1F76487313C403B5E30698A2DB5F6ACD69266F5325905A37B0
sha3_384: e4a17ef6b7105aef5562243c9329b1555e453621af625689a05cb50e689c003e52e2719d977c2d30015ccf1a439bc1f2
ep_bytes: ff2500204000554889e5ffd15d4889ec
timestamp: 2091-04-17 15:44:41

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: 百分之50工程
FileVersion: 1.0.0.0
InternalName: 百分之50工程.exe
LegalCopyright: Copyright ©  2021
LegalTrademarks: 
OriginalFilename: 百分之50工程.exe
ProductName: 百分之50工程
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan.MSIL.Crypt.hxhg also known as:

Lionic	Trojan.MSIL.Crypt.4!c
MicroWorld-eScan	Trojan.GenericKD.38245697
FireEye	Generic.mg.53ef8f4df79871b7
McAfee	Artemis!53EF8F4DF798
Cylance	Unsafe
Zillya	Trojan.GenKryptik.Win32.116828
Sangfor	Trojan.Win32.Sabsik.FL
K7AntiVirus	Trojan ( 0058b9981 )
Alibaba	Trojan:MSIL/GenKryptik.5159e2db
K7GW	Trojan ( 0058b9981 )
CrowdStrike	win/malicious_confidence_100% (W)
Cyren	W32/MSIL_Kryptik.GGG.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/GenKryptik.FEXG
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Trojan.MSIL.Crypt.hxhg
BitDefender	Trojan.GenericKD.38245697
Avast	Win32:TrojanX-gen [Trj]
Tencent	Msil.Trojan.Crypt.Sxfb
Sophos	Mal/Generic-S
TrendMicro	TROJ_GEN.R03FC0WLD21
McAfee-GW-Edition	Artemis!Trojan
Emsisoft	Trojan.GenericKD.38245697 (B)
SentinelOne	Static AI – Malicious PE
GData	Trojan.GenericKD.38245697
Avira	HEUR/AGEN.1206867
Gridinsoft	Ransom.Win32.Sabsik.sa
Microsoft	Trojan:Win32/Tiggre!rfn
Cynet	Malicious (score: 100)
BitDefenderTheta	Gen:NN.ZemsilF.34084.am0@a0p3F4h
MAX	malware (ai score=84)
Malwarebytes	Trojan.Crypt.MSIL
TrendMicro-HouseCall	TROJ_GEN.R03FC0WLD21
Yandex	Trojan.Crypt!prPuYsA53X8
Ikarus	Trojan.MSIL.Krypt
Fortinet	MSIL/GenKryptik.FEXG!tr
AVG	Win32:TrojanX-gen [Trj]
Panda	Trj/GdSda.A
MaxSecure	Trojan.Malware.133534483.susgen

How to remove Trojan.MSIL.Crypt.hxhg?

Trojan.MSIL.Crypt.hxhg removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X