What is “Trojan:MSIL/AgentTesla.KABA!MTB”?

Trojan:MSIL/AgentTesla.KABA!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/AgentTesla.KABA!MTB virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Trojan:MSIL/AgentTesla.KABA!MTB?

File Info:

name: C4203585ABC41A4512C5.mlw
path: /opt/CAPEv2/storage/binaries/b27bf88f70f1113d1a13e2e004f976b0884c6915cee41bc751d6064cf8350098
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-10-12 03:01:29

Version Info:

Translation: 0x0000 0x04b0
Comments: Blackjack23
CompanyName: Microsoft
FileDescription: Blackjack23
FileVersion: 1.3.2.2
InternalName: ahkY.exe
LegalCopyright: Copyright © Microsoft 2010
LegalTrademarks: Blackjack23
OriginalFilename: ahkY.exe
ProductName: Blackjack23
ProductVersion: 1.3.2.2
Assembly Version: 1.3.2.1

Trojan:MSIL/AgentTesla.KABA!MTB also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Agensla.i!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKDZ.103340
FireEye: Trojan.GenericKDZ.103340
CAT-QuickHeal: Trojan.MsilFC.S31520899
Skyhigh: BehavesLike.Win32.Generic.jc
McAfee: Artemis!C4203585ABC4
Malwarebytes: Generic.Malware.AI.DDS
VIPRE: Trojan.GenericKDZ.103340
Sangfor: Infostealer.Msil.AgentTesla.V8ec
K7AntiVirus: Trojan ( 005ac7ef1 )
Alibaba: TrojanPSW:MSIL/AveMariaRAT.1fb6c284
K7GW: Trojan ( 005ac7ef1 )
BitDefenderTheta: Gen:NN.ZemsilCO.36804.Mm0@aq2in3g
VirIT: Trojan.Win32.GenusT.DTAN
Symantec: Scr.Malcode!gdn34
ESET-NOD32: a variant of MSIL/Kryptik.AJWQ
APEX: Malicious
TrendMicro-HouseCall: TROJ_GEN.R002C0DJN23
Paloalto: generic.ml
ClamAV: Win.Dropper.LokiBot-10022987-0
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender: Trojan.GenericKDZ.103340
Avast: Win32:PWSX-gen [Trj]
Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:/3PaWJqHXOKPiKw4KY4cQg)
Emsisoft: Trojan.GenericKDZ.103340 (B)
F-Secure: Heuristic.HEUR/AGEN.1371198
DrWeb: Trojan.PackedNET.2450
Zillya: Trojan.Kryptik.Win32.4346498
TrendMicro: TROJ_GEN.R002C0DJN23
Sophos: Troj/Krypt-ABH
Ikarus: Trojan.MSIL.Inject
Google: Detected
Avira: HEUR/AGEN.1371198
Varist: W32/MSIL_Troj.CWU.gen!Eldorado
Antiy-AVL: Trojan/MSIL.GenKryptik
Kingsoft: MSIL.Trojan-PSW.Agensla.gen
Microsoft: Trojan:MSIL/AgentTesla.KABA!MTB
Xcitium: Malware@#3nrpy4kngta1w
Arcabit: Trojan.Generic.D193AC
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Agensla.gen
GData: Trojan.GenericKDZ.103340
AhnLab-V3: Trojan/Win.Generic.R611484
VBA32: TScope.Trojan.MSIL
ALYac: Trojan.GenericKDZ.103340
Cylance: unsafe
Panda: Trj/Chgt.AD
Tencent: Malware.Win32.Gencirc.13f262ae
Yandex: Trojan.Igent.b00ZzE.2
MAX: malware (ai score=88)
MaxSecure: Trojan.Malware.74499699.susgen
Fortinet: MSIL/Kryptik.AJWQ!tr
AVG: Win32:PWSX-gen [Trj]
DeepInstinct: MALICIOUS
alibabacloud: Trojan[stealer]:MSIL/Agensla.gen

How to remove Trojan:MSIL/AgentTesla.KABA!MTB?

Trojan:MSIL/AgentTesla.KABA!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.