How to remove “Trojan.MSIL.Disfa.lbek”?

Trojan.MSIL.Disfa.lbek is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.MSIL.Disfa.lbek virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Creates a copy of itself
  • Creates known Njrat/Bladabindi RAT registry keys

How to identify Trojan.MSIL.Disfa.lbek?

File Info:

name: 0C814AE689B229063EE7.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2017-03-18 07:16:35

Version Info:

Translation: 0x0000 0x04b0
FileDescription: Windows
FileVersion: 1.0.0.0
InternalName: Windows.exe
LegalCopyright: Copyright © 2017
OriginalFilename: Windows.exe
ProductName: Windows
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan.MSIL.Disfa.lbek also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Disfa.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Bulz.360955
CAT-QuickHeal: Trojan.MSIL
Skyhigh: Artemis!Trojan
ALYac: Trojan.MSIL.Disfa
Cylance: unsafe
VIPRE: Gen:Variant.Bulz.360955
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:MSIL/Disfa.6f7a4f95
K7GW: Trojan ( 004c77211 )
K7AntiVirus: Trojan ( 004c77211 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.CQR
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.MSIL.Disfa.lbek
BitDefender: Gen:Variant.Bulz.360955
NANO-Antivirus: Trojan.Win32.Disfa.eoaxqb
Avast: Win32:Malware-gen
Tencent: Msil.Trojan.Disfa.Zmhl
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1358556
DrWeb: BackDoor.Bladabindi.13678
TrendMicro: BKDR_BLADABINDI.YQB
Emsisoft: Gen:Variant.Bulz.360955 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.MSIL.fwqu
Webroot: W32.Trojan.GenKD
Google: Detected
Avira: HEUR/AGEN.1358556
Antiy-AVL: Trojan/MSIL.Disfa
Kingsoft: malware.kb.c.1000
Microsoft: Backdoor:MSIL/Bladabindi
Xcitium: Malware@#2jhy5xrmv3eeu
Arcabit: Trojan.Bulz.D581FB
ZoneAlarm: Trojan.MSIL.Disfa.lbek
GData: Gen:Variant.Bulz.360955
AhnLab-V3: Trojan/Win32.Disfa.C2336585
McAfee: Artemis!0C814AE689B2
VBA32: TScope.Trojan.MSIL
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/GdSda.A
TrendMicro-HouseCall: BKDR_BLADABINDI.YQB
Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:/En/2EglWEXChCN58g1Wtw)
Yandex: Trojan.Disfa!UZEQMRj+snQ
Ikarus: Trojan.MSIL.Crypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Kryptik.BDI!tr
BitDefenderTheta: Gen:NN.ZemsilF.36680.fm0@amgXL@o
AVG: Win32:Malware-gen
Cybereason: malicious.95254d
DeepInstinct: MALICIOUS

How to remove Trojan.MSIL.Disfa.lbek?

Trojan.MSIL.Disfa.lbek removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.