TrojanDownloader:MSIL/NanoBot.A!MTB removal tips

TrojanDownloader:MSIL/NanoBot.A!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:MSIL/NanoBot.A!MTB virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify TrojanDownloader:MSIL/NanoBot.A!MTB?


File Info:

name: 667362442FEBCC34F5F2.mlw
path: /opt/CAPEv2/storage/binaries/eb767e99f19c8270340e24e386a8665649413a649bf31c8dfce21355a5840aac
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2050-11-09 14:48:20

Version Info:

Translation: 0x0000 0x04b0
Comments: KeyAuth Loader Example
CompanyName: Nelson Cybersecurity LLC
FileDescription: Loader
FileVersion: 1.0.0.0
InternalName: Loader.exe
LegalCopyright: Copyright © KeyAuth.cc
LegalTrademarks: KeyAuth
OriginalFilename: Loader.exe
ProductName: Loader
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

TrojanDownloader:MSIL/NanoBot.A!MTB also known as:

CyrenCloud: W32/ABRisk.CHOQ-2161:100:105:50.EB767E99!Threatlookup
Bkav: W32.Common.84C73D25
Lionic: Trojan.Win32.Crypt.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Application.Lazy.293017
FireEye: Gen:Variant.Application.Lazy.293017
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
McAfee: Artemis!667362442FEB
Malwarebytes: RiskWare.Agent
VIPRE: Gen:Variant.Application.Lazy.293017
Sangfor: Downloader.Msil.Lazy.Vzsj
K7AntiVirus: Trojan ( 005a9dfc1 )
Alibaba: Trojan:MSIL/Generic.5cae1724
K7GW: Trojan ( 005a9dfc1 )
CrowdStrike: win/malicious_confidence_90% (W)
Arcabit: Trojan.Application.Lazy.D47899
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.LYE
APEX: Malicious
Cynet: Malicious (score: 99)
BitDefender: Gen:Variant.Application.Lazy.293017
Avast: Win32:TrojanX-gen [Trj]
Rising: Downloader.Agent!8.B23 (CLOUD)
Emsisoft: Gen:Variant.Application.Lazy.293017 (B)
Zillya: Downloader.Agent.Win32.516597
TrendMicro: TROJ_GEN.R002C0XEQ23
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
Ikarus: Trojan.Win64.Agent
Avira: TR/Dldr.Agent.gleot
Antiy-AVL: RiskWare/Perhaps.HackTool
Microsoft: TrojanDownloader:MSIL/NanoBot.A!MTB
ZoneAlarm: Trojan.MSIL.Crypt.idpm
GData: Gen:Variant.Application.Lazy.293017
AhnLab-V3: Dropper/Win.Generic.C5375311
ALYac: Gen:Variant.Application.Lazy.293017
MAX: malware (ai score=78)
TrendMicro-HouseCall: TROJ_GEN.R002C0XEQ23
Tencent: Msil.Trojan-Downloader.Ader.Cwnw
Yandex: Trojan.DL.Agent!m8KQ+KaMf1E
SentinelOne: Static AI – Malicious PE
Fortinet: Riskware/HackTool
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove TrojanDownloader:MSIL/NanoBot.A!MTB?

TrojanDownloader:MSIL/NanoBot.A!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
