What is “TrojanDownloader:MSIL/REntS.SIBA!MTB”?

TrojanDownloader:MSIL/REntS.SIBA!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the TrojanDownloader:MSIL/REntS.SIBA!MTB virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the Phonzy malware family
  • Binary compilation timestomping detected

How to identify TrojanDownloader:MSIL/REntS.SIBA!MTB?


File Info:

name: FFBDF8D64841A884BCBE.mlw
path: /opt/CAPEv2/storage/binaries/b8dd8b1acae1a21fb6186a932ece50211727a34b791bf8fb7bc46ec07e4a5be7
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2056-08-02 07:58:04

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: WindowsFormsApp2
FileVersion: 1.0.0.0
InternalName: WindowsFormsApp2.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: WindowsFormsApp2.exe
ProductName: WindowsFormsApp2
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

TrojanDownloader:MSIL/REntS.SIBA!MTB also known as:

Lionic: Trojan.MSIL.Reline.i!c
Elastic: malicious (high confidence)
MicroWorld-eScan: IL:Trojan.MSILZilla.24554
ALYac: IL:Trojan.MSILZilla.24554
Malwarebytes: Trojan.Downloader.MSIL
VIPRE: IL:Trojan.MSILZilla.24554
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 0057f6491 )
Alibaba: TrojanDownloader:MSIL/REntS.90092b52
K7GW: Trojan-Downloader ( 0057f6491 )
Cybereason: malicious.2c3c62
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.IID
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan-PSW.MSIL.Reline.gen
BitDefender: IL:Trojan.MSILZilla.24554
Avast: Win32:Trojan-gen
Tencent: Msil.Trojan-Downloader.Ader.Gplw
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1309610
DrWeb: Trojan.PWS.Stealer.30787
Zillya: Trojan.Reline.Win32.1341
TrendMicro: TROJ_GEN.R002C0DDN23
McAfee-GW-Edition: Artemis!Trojan
FireEye: Generic.mg.ffbdf8d64841a884
Emsisoft: IL:Trojan.MSILZilla.24554 (B)
Ikarus: Trojan.MSIL.Crypt
GData: IL:Trojan.MSILZilla.24554
Avira: HEUR/AGEN.1309610
MAX: malware (ai score=81)
Antiy-AVL: Trojan[Downloader]/MSIL.Agent
Arcabit: IL:Trojan.MSILZilla.D5FEA
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Reline.gen
Microsoft: TrojanDownloader:MSIL/REntS.SIBA!MTB
Google: Detected
AhnLab-V3: Backdoor/Win.Generic.C4580915
Acronis: suspicious
McAfee: Artemis!FFBDF8D64841
VBA32: TScope.Trojan.MSIL
Cylance: unsafe
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0DDN23
Rising: Backdoor.Nanobot!8.28C (CLOUD)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.95853585.susgen
Fortinet: MSIL/Agent.IID!tr.dldr
BitDefenderTheta: Gen:NN.ZemsilF.36196.cm0@auKvTEb
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove TrojanDownloader:MSIL/REntS.SIBA!MTB?

TrojanDownloader:MSIL/REntS.SIBA!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
