Trojan:MSIL/AgentTesla.ABQW!MTB information

The Trojan:MSIL/AgentTesla.ABQW!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/AgentTesla.ABQW!MTB virus do?

  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Malayalam
  • The binary likely contains encrypted or compressed data.
  • .NET file is packed/obfuscated with SmartAssembly
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Binary file triggered YARA rule

How to identify Trojan:MSIL/AgentTesla.ABQW!MTB?


File Info:

name: F9E2CBA1859363981FAF.mlw
path: /opt/CAPEv2/storage/binaries/bad970e9402f9d346e7c58c42253bcedd6fb6ccda7115194ba9538153628778e
crc32: 4A9FD863
md5: f9e2cba1859363981faf603e31397d16
sha1: b12b61363d3150388ac554f0bc46d00106c9dfa6
sha256: bad970e9402f9d346e7c58c42253bcedd6fb6ccda7115194ba9538153628778e
sha512: 60459a9d38a576d85198de144a8aa683acd06a8f8a94e44350cf5262d31a57262281fd9bd3a525a061c3cbd3331b30629357da164a49149df09e33bc5e0e3831
ssdeep: 6144:j0mi4eWGUSUm5FGNMgXDE6PXDsBRHJeqfqdNfN7nIhM1XDsBRHJeq:op4eWGRPgCADtzwHJev7hIhM1zwHJe
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12E948C802345BB79E0DB3AB09402A6B7A1235D645C8652D71EFF3EAF357468307E613E
sha3_384: 9731a952108378f2422e491cf9478c48055dcc55c184ae4903e62e6b5236951bc83e379bfce8f146e052084f132e12c7
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-03-24 07:43:57

Version Info:

0: [No Data]

Trojan:MSIL/AgentTesla.ABQW!MTB also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Stealer.12!c
AVG: Win32:RATX-gen [Trj]
Elastic: malicious (high confidence)
DrWeb: Trojan.PackedNET.1923
MicroWorld-eScan: IL:Trojan.MSILZilla.26571
FireEye: Generic.mg.f9e2cba185936398
CAT-QuickHeal: Trojan.Generic.TRFH930
Skyhigh: BehavesLike.Win32.Generic.gc
McAfee: Artemis!F9E2CBA18593
Malwarebytes: MachineLearning/Anomalous.94%
VIPRE: IL:Trojan.MSILZilla.26571
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00599fe71 )
Alibaba: TrojanSpy:MSIL/Stealer.8cbdccc5
K7GW: Trojan ( 00599fe71 )
BitDefenderTheta: Gen:NN.ZemsilF.36804.zm0@a41yNudG
VirIT: Trojan.Win32.GenusT.EFOO
Paloalto: generic.ml
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.AGWQ
APEX: Malicious
Avast: Win32:RATX-gen [Trj]
Kaspersky: HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender: IL:Trojan.MSILZilla.26571
NANO-Antivirus: Trojan.Win32.Stealer.jvkoti
Tencent: Malware.Win32.Gencirc.13b605c4
Emsisoft: IL:Trojan.MSILZilla.26571 (B)
F-Secure: Trojan.TR/Dropper.MSIL.Gen8
Zillya: Trojan.Kryptik.Win32.4095301
TrendMicro: Backdoor.MSIL.AVEMARIA.WLDX
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Crypt
Varist: W32/MSIL_Kryptik.JLU.gen!Eldorado
Avira: TR/Dropper.MSIL.Gen8
Antiy-AVL: Trojan/MSIL.Kryptik
Microsoft: Trojan:MSIL/AgentTesla.ABQW!MTB
Arcabit: IL:Trojan.MSILZilla.D67CB
ZoneAlarm: HEUR:Trojan-Spy.MSIL.Stealer.gen
GData: IL:Trojan.MSILZilla.26571
Google: Detected
AhnLab-V3: Trojan/Win.Generic.C5400602
VBA32: TScope.Trojan.MSIL
ALYac: IL:Trojan.MSILZilla.26571
Cylance: unsafe
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Backdoor.MSIL.AVEMARIA.WLDX
Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:OY7wlZZwRyuwnQ6wmXQBOQ)
Yandex: Trojan.Agent!uE3B6DFCWKE
MAX: malware (ai score=89)
MaxSecure: Trojan.Malware.73709669.susgen
Fortinet: MSIL/Kryptik.AHUA!tr
DeepInstinct: MALICIOUS
alibabacloud: Trojan[spy]:MSIL/AgentTesla.ABQW!MTB

How to remove Trojan:MSIL/AgentTesla.ABQW!MTB?

Trojan:MSIL/AgentTesla.ABQW!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
