Trojan.MSIL.Quasar.cis (file analysis)

The Trojan.MSIL.Quasar.cis is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.MSIL.Quasar.cis virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.MSIL.Quasar.cis?


File Info:

name: 2F2F7E4C70D86138B7BA.mlw
path: /opt/CAPEv2/storage/binaries/f0efcd8945cee60e24c6642fdba101d894c182f60ca05d8a011890974ec5499a
crc32: 9989AB29
md5: 2f2f7e4c70d86138b7ba51b1b0e36f97
sha1: 493d3a12fc9a3f49ec8a3e7439e720e38fee4f1f
sha256: f0efcd8945cee60e24c6642fdba101d894c182f60ca05d8a011890974ec5499a
sha512: f7bfb4fa7461d4ff09bc18ee1b880f0466edddc139ba8f6a346fc64e2190edb738e7d8b1ddb2f8601b01e1f25ae9c2f66727b6f699fd252a004372eb30fb37b9
ssdeep: 98304:YaFfxykvp4JMeAO7r6ang7zkNTjw5t46XXH9jVaCM8aWnbTt1jmaapWbkUz:YufxymWJMihxU53HH9LaYSfukU
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10F36332098D0C1B3ECF31C7E447AB6A9C992B0279761E093759DA7BA36613D473332D6
sha3_384: c06b603e1646c8be2f5062540c1ad974ac930bcac4f54640cdc18288d68ed2aeb47a1d68ff4421b72ae52fc9498f7ae3
ep_bytes: e8e15c0000e9a4feffff8bff558bec83
timestamp: 2012-07-13 22:47:16

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Realtek Semicondutor.
FileDescription: Realtek HD Audio Universal Service
FileVersion: 1.0.231.1
InternalName: RtkAudUService.exe
LegalCopyright: 2019 (c) Realtek Semicondutor. All rights reserved
LegalTrademarks: 2019 (c) Realtek Semicondutor. All rights reserved
OriginalFilename: RtkAudUService.exe
ProductName: Realtek HD Audio Universal Service
ProductVersion: 1.0.231.1
Assembly Version: 1.0.231.1

Trojan.MSIL.Quasar.cis also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
FireEye: Generic.mg.2f2f7e4c70d86138
Cylance: unsafe
Sangfor: Backdoor.Msil.Quasar.Vgel
K7AntiVirus: Trojan ( 0056c06b1 )
Alibaba: Trojan:MSIL/Quasar.66752c4b
K7GW: Trojan ( 0056c06b1 )
BitDefenderTheta: Gen:NN.ZexaF.36804.@t0@a4GkYte
VirIT: Trojan.Win32.Genus.VMD
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of MSIL/Agent.CYM
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan.MSIL.Quasar.cis
Avast: MSIL:Quasar-A [Rat]
Tencent: Malware.Win32.Gencirc.14070de0
F-Secure: Heuristic.HEUR/AGEN.1323984
DrWeb: BackDoor.Quasar.244
Zillya: Trojan.Quasar.Win32.8116
TrendMicro: TrojanSpy.Win32.REDLINE.YXEC3Z
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S
Ikarus: Packed.Win32.Crypt
Google: Detected
Avira: HEUR/AGEN.1323984
Kingsoft: MSIL.Trojan.Quasar.cis
Xcitium: Malware@#1s2xy87aeks8
ZoneAlarm: Trojan.MSIL.Quasar.cis
GData: Win32.Trojan.Agent.ZD1ORX
Varist: W32/ABRisk.GAHW-7485
AhnLab-V3: Trojan/Win.Quasar.C5607169
VBA32: Trojan.MSIL.Quasar.Heur
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TrojanSpy.Win32.REDLINE.YXEC3Z
Rising: Trojan.Generic@AI.100 (RDML:3v1TYaT2FfLCn1Lp+kvmiw)
SentinelOne: Static AI – Malicious PE
Fortinet: MSIL/Agent.CYM!tr
AVG: MSIL:Quasar-A [Rat]
DeepInstinct: MALICIOUS
alibabacloud: Trojan:MSIL/Quasar.cis

How to remove Trojan.MSIL.Quasar.cis?

Trojan.MSIL.Quasar.cis removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
