Trojan

Should I remove “Trojan.MsilFC.S18869252”?

Malware Removal

The Trojan.MsilFC.S18869252 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.MsilFC.S18869252 virus can do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Network activity detected but not expressed in API logs

How to determine Trojan.MsilFC.S18869252?



File Info:

name: 0E53AA65878BE165B0AF.mlw
path: /opt/CAPEv2/storage/binaries/04b8541ae991e79c61fda86adf4ab2212cb3a66ab69b0d37f990f84d34486124
crc32: 8AD96C8B
md5: 0e53aa65878be165b0afb2b9e5f612b3
sha1: 98fc4736414210bf0a4f1056fdc601d304365cbd
sha256: 04b8541ae991e79c61fda86adf4ab2212cb3a66ab69b0d37f990f84d34486124
sha512: f7f500290c37040ac0048887f6766349ec7583a9a12faa2a081099aeb9b1d2073e6c4451beaa6c11733846a2fc3ed32207f722efab0450340dc4a1a7adf55735
ssdeep: 49152:XPPtX5XnEa/jskcf0c8uXl+oSVgZCVGdt9BwOarXIYbdiSQyWDQog1Co2b:f1JXnEoDcBbXltmaC8n9arJlTWDXdo8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13295235B93984701EBAE6B721CB50F4188F6E1924587DD0D85CA32491CBBB70B379B8F
sha3_384: c4a2fcd4d9d998c67c04e5611afbccd2053ad3587da106794b129747fae01c014de5d9df3b8b9786177fd7a6ed0bb62a
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-08-03 14:02:56


Version Info:

Translation: 0x0000 0x04b0
FileDescription: 174IPS-Simulator.StartTool
FileVersion: 0.0.0.0
InternalName: 174IPS-Simulator.StartTool.exe
LegalCopyright: Copyright © 2015-2019
OriginalFilename: 174IPS-Simulator.StartTool.exe
ProductName: 174IPS-Simulator
ProductVersion: 1.0.0.313b46
Assembly Version: 0.0.0.0

Trojan.MsilFC.S18869252 also known as:

LionicTrojan.Win32.Johnnie.4!c
Elasticmalicious (high confidence)
CynetMalicious (score: 99)
CAT-QuickHealTrojan.MsilFC.S18869252
McAfeeGenericRXPN-JI!0E53AA65878B
SangforSuspicious.Win32.Johnnie.365586
SymantecML.Attribute.HighConfidence
APEXMalicious
Paloaltogeneric.ml
AvastWin32:TrojanX-gen [Trj]
TrendMicroTROJ_GEN.R002C0PH921
AviraHEUR/AGEN.1134283
MicrosoftTrojan:Win32/Wacatac.B!ml
AhnLab-V3Trojan/Win.Kryptik.C4559353
MalwarebytesMachineLearning/Anomalous.100%
TrendMicro-HouseCallTROJ_GEN.R002C0PH921
IkarusTrojan.Crypt
MaxSecureTrojan.Malware.300983.susgen
FortinetPossibleThreat
AVGWin32:TrojanX-gen [Trj]
PandaTrj/GdSda.A

How to remove Trojan.MsilFC.S18869252?

Trojan.MsilFC.S18869252 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment