
Trojan:MSIL/AgentTesla.BOC!MTB information


Trojan:MSIL/AgentTesla.BOC!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/AgentTesla.BOC!MTB virus do?

  • Presents an Authenticode digital signature
  • Network activity detected but not expressed in API logs

How to identify Trojan:MSIL/AgentTesla.BOC!MTB?


File Info:

type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright (C) 2008 Realtek Semiconductor Corp.
Assembly Version: 284.421.605.927
InternalName: SqlWorkflowPersistenceService.exe
FileVersion: 918.28.177.219
CompanyName: Realtek Semiconductor Corp.
Comments: Installer for Lenovo System
ProductName: CHCFG
ProductVersion: 918.28.177.219
FileDescription: CHCFG
OriginalFilename: SqlWorkflowPersistenceService.exe

Trojan:MSIL/AgentTesla.BOC!MTB also known as:

K7AntiVirus: Trojan ( 0057e3d71 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
ALYac: Trojan.GenericKD.37129442
Cylance: Unsafe
Sangfor: Trojan.MSIL.AgentTesla.BOC
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:MSIL/AgentTesla.1f0752f6
K7GW: Trojan ( 0057e3d71 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.ABOC
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
BitDefender: Trojan.GenericKD.37129442
MicroWorld-eScan: Trojan.GenericKD.37129442
Ad-Aware: Trojan.GenericKD.37129442
Sophos: Mal/Generic-S
BitDefenderTheta: Gen:NN.ZemsilF.34758.1m2@aOfR67
McAfee-GW-Edition: PWS-FDAD!0160978A7835
FireEye: Trojan.GenericKD.37129442
Emsisoft: Trojan.GenericKD.37129442 (B)
SentinelOne: Static AI – Suspicious PE
Avira: TR/Kryptik.ifdnd
Microsoft: Trojan:MSIL/AgentTesla.BOC!MTB
GData: Win32.Worm.LNKSpread.MAYQ7H
AhnLab-V3: Trojan/Win.AgentTesla.C4532311
McAfee: PWS-FDAD!0160978A7835
MAX: malware (ai score=87)
Malwarebytes: Malware.AI.1989431142
Ikarus: Trojan.MSIL.Crypt
Fortinet: MSIL/Kryptik.ABOC!tr
AVG: Win32:PWSX-gen [Trj]
Paloalto: generic.ml

How to remove Trojan:MSIL/AgentTesla.BOC!MTB?

Trojan:MSIL/AgentTesla.BOC!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
