Trojan.MSIL.YBM removal

Trojan.MSIL.YBM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.MSIL.YBM virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Trojan.MSIL.YBM?


File Info:

name: EE79B3C9D097F70BB265.mlw
path: /opt/CAPEv2/storage/binaries/7272ca135c1efabda948469e53369a3c498e2f20cabcd7b16a6650f56b5496bb
crc32: 46852610
md5: ee79b3c9d097f70bb2653e56dc3fe9b7
sha1: fe0cdca8635c07b71cf0d4ea5ce97c3fe03c3934
sha256: 7272ca135c1efabda948469e53369a3c498e2f20cabcd7b16a6650f56b5496bb
sha512: 83118239afc9e2d16695646aa05fb33a3e6f976ff34aa1d13153395223cdaae9db812775b2b651352f55b4f3f325a850e6eb144c9b19855cc5995f5ab19df8c9
ssdeep: 768:dAze30RWTasL3I3o2aj9n/bu4gygiOObCXSx17QXmW9:diRcaRWtbu4gy/OPk8mW9
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1FBE2C043D3A8C83BD96B473599A397B09775F2069D13DB6609CC124F6E615880942F3F
sha3_384: dddc6887d35949c39bdaa679e53ad0335cef9ed1cea2f2ea11666caa47d34d3ea01d311f96a7c27f1859aa25dfe82878
ep_bytes: ff250020400000000000000000000000
timestamp: 2049-03-17 08:57:11

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Dragonborn
FileVersion: 1.0.0.0
InternalName: botnet.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: botnet.exe
ProductName: Dragonborn
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan.MSIL.YBM also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.MSIL.YBM
FireEye: Trojan.MSIL.YBM
Skyhigh: Artemis!Trojan
ALYac: Trojan.MSIL.YBM
Cylance: unsafe
Zillya: Trojan.Agent.Win32.2627413
Alibaba: Trojan:MSIL/Generic.0e5b44bb
Arcabit: Trojan.MSIL.YBM
BitDefenderTheta: Gen:NN.ZemsilF.36744.cm0@amiZgLo
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: MSIL/Agent.DTL
APEX: Malicious
Kaspersky: HEUR:Backdoor.MSIL.Agent.gen
BitDefender: Trojan.MSIL.YBM
Avast: Win32:Trojan-gen
Rising: Backdoor.Agent!8.C5D (CLOUD)
Sophos: Mal/Generic-S
VIPRE: Trojan.MSIL.YBM
Emsisoft: Trojan.MSIL.YBM (B)
Ikarus: Trojan.MSIL.Agent
Jiangmin: Backdoor.MSIL.fpxb
Antiy-AVL: Trojan[Backdoor]/MSIL.Agent
Microsoft: Trojan:MSIL/Tnega!MSR
ZoneAlarm: HEUR:Backdoor.MSIL.Agent.gen
GData: MSIL.Trojan.Dragonborn.A
Google: Detected
McAfee: Artemis!EE79B3C9D097
MAX: malware (ai score=89)
Malwarebytes: Trojan.VBAgent
Panda: Trj/GdSda.A
Tencent: Msil.Backdoor.Agent.Kqil
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Trojan.MSIL.YBM?

Trojan.MSIL.YBM removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
