Trojan

Trojan.MSIL.Inject.abrcb (file analysis)

Malware Removal

The Trojan.MSIL.Inject.abrcb is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Trojan.MSIL.Inject.abrcb virus can do?

  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to determine Trojan.MSIL.Inject.abrcb?


File Info:

name: 3091CECBD7AFAD9A416B.mlw
path: /opt/CAPEv2/storage/binaries/d08f902016f50cddce3dc2addb5d785b10af610938f1d7d2666a18e2b3864738
crc32: C547F45B
md5: 3091cecbd7afad9a416b93b9329d0dea
sha1: 5febc13ede2dbc649b15e177cdb8b82215aaa941
sha256: d08f902016f50cddce3dc2addb5d785b10af610938f1d7d2666a18e2b3864738
sha512: 66b0d60f741c3ab16dfc1286541e47d8b39ec5a64107fb839a825f58308536e30593d09dd90f4ff24100d97b98a52981fd3259de1f12b875f9df6d697459fddb
ssdeep: 12288:l0q747UxkXpWLSeLDYN1l58M+4i3/RCV829mdclKPKDun0iYYO46fF10OQoQ5JBr:l03IxkXpW+gUN1Px+4/V829xlKdEUL5r
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11AF42303ED83E192CF51107A09B203025AADF59693958DE73BDB12582F5EED3A237793
sha3_384: 23fa0faf2cea4e8f3c4a8646b95070f316d83f301f2ff3dbe327122a0b2bc6bb8124e7748b7b7e450ed4ee460d07af00
ep_bytes: 68900000006800000000687cb84a00e8
timestamp: 2016-11-16 22:21:59

Version Info:

Translation: 0x0000 0x04b0

Trojan.MSIL.Inject.abrcb also known as:

BkavW32.AIDetect.malware1
LionicTrojan.MSIL.Inject.4!c
Elasticmalicious (high confidence)
MicroWorld-eScanTrojan.GenericKD.36151152
FireEyeGeneric.mg.3091cecbd7afad9a
CAT-QuickHealPUA.Gamehack.AL5
ALYacTrojan.GenericKD.36151152
CylanceUnsafe
SangforTrojan.Win32.Save.a
K7AntiVirusUnwanted-Program ( 004eb0fe1 )
K7GWUnwanted-Program ( 004eb0fe1 )
Cybereasonmalicious.bd7afa
BitDefenderThetaGen:NN.ZexaF.34666.UuX@aOxskJpi
CyrenW32/GenTroj.BA.gen!Eldorado
SymantecML.Attribute.HighConfidence
tehtrisGeneric.Malware
ESET-NOD32a variant of Win32/HackTool.CheatEngine.AL potentially unsafe
APEXMalicious
Paloaltogeneric.ml
ClamAVWin.Trojan.Gamehack-6725407-0
KasperskyTrojan.MSIL.Inject.abrcb
BitDefenderTrojan.GenericKD.36151152
NANO-AntivirusTrojan.Win32.Inject.hqtkjt
AvastWin32:Malware-gen
RisingTrojan.Inject!8.103 (CLOUD)
Ad-AwareTrojan.GenericKD.36151152
TACHYONTrojan/W32.Inject.769581
EmsisoftTrojan.GenericKD.36151152 (B)
ComodoTrojWare.Win32.GameHack.DC@5qhv2d
ZillyaTool.CheatEngine.Win32.2746
McAfee-GW-EditionBehavesLike.Win32.AdwareFileTour.bc
SophosMal/Generic-S
SentinelOneStatic AI – Malicious PE
JiangminTrojan.MSIL.gjph
AviraTR/Inject.etkzp
MicrosoftPWS:Win32/Zbot!ml
GDataWin32.Application.GameHack.L
CynetMalicious (score: 100)
AhnLab-V3Unwanted/Win32.GameHack.C3627910
Acronissuspicious
McAfeeBackDoor-EIO
MAXmalware (ai score=84)
VBA32BScope.Trojan.Downloader
TencentMalware.Win32.Gencirc.10bb49b5
YandexTrojan.GenAsa!VnlNv1LrugE
IkarusTrojan.MSIL.Inject
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/Siggen.ACEA!tr
AVGWin32:Malware-gen
PandaTrj/CI.A
CrowdStrikewin/grayware_confidence_90% (W)

How to remove Trojan.MSIL.Inject.abrcb?

Trojan.MSIL.Inject.abrcb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment