Trojan.MSIL.Strab malicious file

Trojan.MSIL.Strab is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.MSIL.Strab virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Malay (Brunei Darussalam)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Attempts to repeatedly call a single API many times in order to delay analysis time

How to identify Trojan.MSIL.Strab?


File Info:

name: 008D26EE6355631A7DBB.mlw
path: /opt/CAPEv2/storage/binaries/13f9c32e8bfc963d06a9b9b3e63164ed7b82a75de5a42bb8b7d397fd7a90b822
crc32: B51A83F5
md5: 008d26ee6355631a7dbb69d8141ad973
sha1: 655b6f1a8c011176c182a44d2cde486ed7cd5376
sha256: 13f9c32e8bfc963d06a9b9b3e63164ed7b82a75de5a42bb8b7d397fd7a90b822
sha512: ce89a826bcfebb6cc09e561e053bf13f18fd7b6a2f4e13bf00f2de381ad4cd7aab137afdb75e0fc43d1072736b7c59bac352ce7272d18b479472aa372db5203c
ssdeep: 24576:q7wACWkrfAycdJ+KK7zGxunfUnqshaIq0VkLEwvGDtC9jRkFm/rUr:qgWif4ON7Swsnqs+0I+Z0jRZe
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A2052342B690E8C9FE1A45BB7B1BC1BC6976ECD4AF96436B211CAA5F0072350EC07F50
sha3_384: 6bd205ba7dcfd8b919ee11b43521e4e8e0b342a103ba434f140bc4391a4f6a8635808dfedb57332f2788825c960d696c
ep_bytes: ff2594314000cccc0330010007000000
timestamp: 2022-10-01 13:40:07

Version Info:

ProductName: AtomicWealth
ProductVersion: 1.0.0.8
Translation: 0x0409 0x0674

Trojan.MSIL.Strab also known as:

tehtris: Generic.Malware
FireEye: Generic.mg.008d26ee6355631a
Skyhigh: BehavesLike.Win32.Generic.cc
McAfee: Artemis!008D26EE6355
Cylance: unsafe
CrowdStrike: win/malicious_confidence_100% (W)
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
Kaspersky: HEUR:Trojan.MSIL.Strab.gen
Rising: Malware.Obfus/MSIL@AI.98 (RDM.MSIL2:MKzqa0PPur8vOf8/3Qn6Bg)
F-Secure: Trojan.TR/AD.MalwareCrypter.usvud
Trapmine: malicious.high.ml.score
SentinelOne: Static AI – Malicious PE
Google: Detected
Avira: TR/AD.MalwareCrypter.usvud
Kingsoft: malware.kb.c.1000
ZoneAlarm: HEUR:Trojan.MSIL.Strab.gen
Cynet: Malicious (score: 100)
BitDefenderTheta: Gen:NN.ZemsilF.36792.1y0@aynEuldO
DeepInstinct: MALICIOUS
Malwarebytes: MachineLearning/Anomalous.100%
Ikarus: Win32.Outbreak
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:TrojanX-gen [Trj]
Avast: Win32:TrojanX-gen [Trj]

How to remove Trojan.MSIL.Strab?

Trojan.MSIL.Strab removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
