Trojan:MSIL/AgentTesla.CGE!MTB (file analysis)

Trojan:MSIL/AgentTesla.CGE!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:MSIL/AgentTesla.CGE!MTB virus do?

  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs.

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Trojan:MSIL/AgentTesla.CGE!MTB?

File Info:

crc32: 66580765
md5: 8405d7aa4a227f2a322dec9686c81a19
name: 8405D7AA4A227F2A322DEC9686C81A19.mlw
sha1: 42da9277c47314391d1a189ba00c406914b6ad7e
sha256: 00aa547af465f81b69b443c110e965de3961377d2ebdb517a1f20b059ed9768e
sha512: 2808fe7447f7b3ee16a79c26bc9ee4907809f2848843b620fc79c6606013ffc0aec5dd8df678f42a742ed48e710f097c666b089cee5b338a03efda31ca549d05
ssdeep: 3072:6VKnC1F7GF+2znVaQnko5EUlbA4kgbW3xrgkaG6Kn5J:69GFVnV/Zr6hrlaG6y
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

LegalCopyright: Copyright © 2020 Flash-Integro LLC. All rights reserved.
FileVersion: 6.7.5.302
CompanyName: Flash-Integro LLC
LegalTrademarks: db67052a 36af 478d aefc afd40a8759c9
Comments: This installation was built with Inno Setup.
ProductName: VSDC Free Video Editor
ProductVersion: 6.7.5.302
FileDescription: VSDC Free Video Editor Setup
Guid: a5ecb931-2733-4431-92e2-baa26a4c5690
Translation: 0x0000 0x04e4

Trojan:MSIL/AgentTesla.CGE!MTB also known as:

Elastic: malicious (high confidence)
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (D)
Cybereason: malicious.7c4731
Cyren: W32/MSIL_Kryptik.FCN.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.ACMB
APEX: Malicious
Sophos: ML/PE-A
BitDefenderTheta: Gen:NN.ZemsilF.34088.jm0@ayajZuai
FireEye: Generic.mg.8405d7aa4a227f2a
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Microsoft: Trojan:MSIL/AgentTesla.CGE!MTB
Malwarebytes: Trojan.Crypt.MSIL.Generic
MaxSecure: Trojan.Malware.300983.susgen
Qihoo-360: HEUR/QVM03.0.53FF.Malware.Gen

How to remove Trojan:MSIL/AgentTesla.CGE!MTB?

Trojan:MSIL/AgentTesla.CGE!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
