Trojan.MSIL.Injector.W (B) removal tips

Trojan.MSIL.Injector.W (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.MSIL.Injector.W (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan.MSIL.Injector.W (B)?


File Info:

name: EE9890B568AB73A758A2.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-09-20 08:39:34

Version Info:

Translation: 0x0000 0x04b0
Comments: Microsoft
CompanyName: Microsoft
FileDescription: AppCos
FileVersion: 4.5.1.5
InternalName: AppCos.exe
LegalCopyright: Copyright © Microsoft 2012
OriginalFilename: AppCos.exe
ProductName: AppCos
ProductVersion: 4.5.1.5
Assembly Version: 2.3.4.1

Trojan.MSIL.Injector.W (B) also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
FireEye: Generic.mg.ee9890b568ab73a7
CAT-QuickHeal: PUA.GenericFC.S6060348
McAfee: GenericRXGV-FJ!EE9890B568AB
Cylance: Unsafe
Zillya: Trojan.Genome.Win32.233419
K7AntiVirus: Trojan ( 004e7c0a1 )
Alibaba: TrojanSpy:Win32/Kryptik.709c292c
K7GW: Trojan ( 004e7c0a1 )
Cybereason: malicious.568ab7
VirIT: Trojan.Win32.Generic.BUET
Cyren: W32/MSIL_Troj.BXH.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.AW
APEX: Malicious
ClamAV: Win.Trojan.Agent-399145
Kaspersky: HEUR:Trojan-Spy.Win32.Generic
BitDefender: Trojan.MSIL.Injector.W
NANO-Antivirus: Trojan.Win32.Win32.dbypjs
MicroWorld-eScan: Trojan.MSIL.Injector.W
Avast: Win32:TrojanX-gen [Trj]
Tencent: Win32.Trojan-spy.Generic.Anzk
Ad-Aware: Trojan.MSIL.Injector.W
Sophos: Mal/Generic-S
Comodo: Malware@#120a0x4cycf64
DrWeb: Trojan.PWS.Stealer.715
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Backdoor.MSIL.NANOBOT.AFFWVP
McAfee-GW-Edition: GenericRXGV-FJ!EE9890B568AB
Emsisoft: Trojan.MSIL.Injector.W (B)
SentinelOne: Static AI – Malicious PE
GData: Trojan.MSIL.Injector.W
Jiangmin: Backdoor/Azbreg.qv
Webroot: W32.Backdoor.Gen
Avira: TR/Dropper.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.1C309
Kingsoft: Win32.Troj.Undef.(kcloud)
ZoneAlarm: HEUR:Trojan-Spy.Win32.Generic
Microsoft: Backdoor:Win32/Bladabindi!ml
AhnLab-V3: Trojan/Win32.Xorist.R37229
BitDefenderTheta: Gen:NN.ZemsilF.34212.Xq3@aqaDdmo
ALYac: Trojan.MSIL.Injector.W
VBA32: Hoax.Xorist
Malwarebytes: Malware.AI.2514576917
TrendMicro-HouseCall: Backdoor.MSIL.NANOBOT.AFFWVP
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:X+wxFjpnJ5thWoIGxOJ8HQ)
Ikarus: Backdoor.Win32.Xtrat
MaxSecure: Trojan.Malware.5609607.susgen
Fortinet: MSIL/Kryptik.VS!tr
AVG: Win32:TrojanX-gen [Trj]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.MSIL.Injector.W (B)?

Trojan.MSIL.Injector.W (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
