About “Trojan.MsilFC.S18288461” infection

The Trojan.MsilFC.S18288461 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.MsilFC.S18288461 virus can do?

Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Trojan.MsilFC.S18288461?


File Info:
name: AD45DFB51A0A5F66744F.mlw
path: /opt/CAPEv2/storage/binaries/d135d02b05e9b1493850567a86b4b8e2dec10bf9871065418b920e9c2edb6209
crc32: 5C683319
md5: ad45dfb51a0a5f66744fd288d0d717e5
sha1: 3c2ad674022dbd5b2e3884eb9e941b84df86bcfa
sha256: d135d02b05e9b1493850567a86b4b8e2dec10bf9871065418b920e9c2edb6209
sha512: d609fd81aad995c85bda2c43293a8b82d587dac54478be34b2c4b67edb7000e917e5225514fbc52197a53cbc90b673fc9054813943f57cfc57ed15d373911f80
ssdeep: 96:ThqUQm6imgJY65gzVdQYalK5POl79q4tEabyoZhwUek8mFT6zNt:wU5bcPjQYal9N9FeaFhwUefU8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10BE1E806BBE14A12EBAF4B7454B313511B72F6128577CBEE0CD8029E5C523518913FF9
sha3_384: 7cd46ace5c950bed9d84cd3ca92a8db95ce26a93fa15dd48eeb553078e76c9ab52e6d5471236eaaa4589e61250fea69c
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-12-19 15:36:51

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: build.exe
LegalCopyright:  
OriginalFilename: build.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Trojan.MsilFC.S18288461 also known as:

Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoader32.46602
MicroWorld-eScan	Trojan.GenericKD.38135197
FireEye	Generic.mg.ad45dfb51a0a5f66
CAT-QuickHeal	Trojan.MsilFC.S18288461
Zillya	Trojan.ClipBanker.Win32.6175
K7AntiVirus	Trojan ( 700000121 )
Alibaba	Trojan:MSIL/Tasker.28c7ba6f
K7GW	Trojan ( 700000121 )
Cybereason	malicious.4022db
BitDefenderTheta	Gen:NN.ZemsilF.34062.am0@aKHx4zb
Cyren	W32/MSIL_Kryptik.BIV.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/ClipBanker.LZ
TrendMicro-HouseCall	TROJ_GEN.R002C0GKS21
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.MSIL.Tasker.gen
BitDefender	Trojan.GenericKD.38135197
SUPERAntiSpyware	Trojan.Agent/Gen-BitCoinMiner
Avast	Win32:TrojanX-gen [Trj]
Tencent	Msil.Trojan.Tasker.Lnxt
Ad-Aware	Trojan.GenericKD.38135197
Emsisoft	Trojan.GenericKD.38135197 (B)
McAfee-GW-Edition	BehavesLike.Win32.Trojan.zt
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1107325
Antiy-AVL	Trojan/Generic.ASMalwS.3110D32
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
GData	Win32.Trojan-Downloader.Generic.317PYC
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Win32.RL_Generic.C3526985
McAfee	Artemis!AD45DFB51A0A
MAX	malware (ai score=82)
VBA32	TScope.Trojan.MSIL
Malwarebytes	Trojan.Banker
APEX	Malicious
Fortinet	MSIL/ClipBanker.LZ!tr
AVG	Win32:TrojanX-gen [Trj]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_80% (W)

How to remove Trojan.MsilFC.S18288461?

Trojan.MsilFC.S18288461 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X