What is “Trojan.MSIL.Crypt.pef”?

The Trojan.MSIL.Crypt.pef is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.MSIL.Crypt.pef virus can do?

Executable code extraction
A process attempted to delay the analysis task.
Uses Windows utilities for basic functionality
Anomalous binary characteristics

How to determine Trojan.MSIL.Crypt.pef?


File Info:
crc32: E3320B57
md5: 22e625671a183a940d5b45e49816a3af
name: GST-Challan.exe
sha1: 4141b280cf6e1ee7274d5b5eaaf83dfcf1cc131c
sha256: b9073b25e23930b4ab461bde30330488dabb93d34fb8940ae267c9bb30d3d611
sha512: 3f6a52a678197d2a15b9f8a00753fe8b5ccadf2f46eb08be5284db0f884cfa93c7b228b98a80410888d21973bfadb3affbc960680d41a3857767e87b7e7121e5
ssdeep: 6144:WlZsmdxt/KxDeDpDlDrVgiGxIqszzO/virbhPpx4WbqQbq/9GptZdACz+0hRFQDq:sd/Mx4bRpqeqf9QjOuRFQGSPI5eLXK
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0409 0x04b0
LegalCopyright: xa9Copyright October 31st, 2003 by Mike Hardy
InternalName: 1
FileVersion: 1.00
CompanyName: Asylum Studios
LegalTrademarks: This Product is licensed to Mike and Kara Hardy
Comments: Written and Programmed By: Mike Hardy using Visual Basic
ProductName: Asylum Explorer - WebBrowser uses the Internet Explorer 3x or later Engine.
ProductVersion: 1.00
FileDescription: A Cool Horror Themed WebBrowser!
OriginalFilename: 1.exe

Trojan.MSIL.Crypt.pef also known as:

Bkav	W32.AIDetectVM.malware
FireEye	Generic.mg.22e625671a183a94
Qihoo-360	HEUR/QVM03.0.8E67.Malware.Gen
Cylance	Unsafe
Sangfor	Malware
TrendMicro	TSPY_VBKEYLOG.SM
BitDefenderTheta	Gen:NN.ZevbaF.34082.dn0@aCcUDsni
Cyren	W32/Agent.BBK.gen!Eldorado
APEX	Malicious
GData	Win32.Trojan-Stealer.Agent.AOX
Kaspersky	HEUR:Trojan.MSIL.Crypt.pef
F-Secure	Heuristic.HEUR/AGEN.1045493
Invincea	heuristic
Ikarus	Trojan-Spy.Agent
F-Prot	W32/Agent.BBK.gen!Eldorado
Avira	HEUR/AGEN.1045493
Endgame	malicious (high confidence)
ZoneAlarm	HEUR:Trojan.MSIL.Crypt.pef
Microsoft	Trojan:Win32/Wacatac.B!ml
Malwarebytes	Spyware.KeyLogger
ESET-NOD32	a variant of Win32/Spy.KeyLogger.NJK
TrendMicro-HouseCall	TSPY_VBKEYLOG.SM
SentinelOne	DFI – Malicious PE
eGambit	Unsafe.AI_Score_98%
AVG	FileRepMalware
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Trojan.MSIL.Crypt.pef?

Trojan.MSIL.Crypt.pef removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X