How to remove “Trojan:MSIL/AgentTesla.MUO!MTB”?

The Trojan:MSIL/AgentTesla.MUO!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/AgentTesla.MUO!MTB virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to modify proxy settings
  • Collects information to fingerprint the system

How to identify Trojan:MSIL/AgentTesla.MUO!MTB?


File Info:

type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: 2017 (C) MDHR
Assembly Version: 30.0.0.0
InternalName: x62fXx671bx884cbNx6a4x62dx626i.exe
FileVersion: 30.0.0.0
CompanyName: Studio MDHR Entertainment Inc.
LegalTrademarks:
Comments: The Game Award for Best Art Direction
ProductName: Cuphead
ProductVersion: 30.0.0.0
FileDescription: Cuphead
OriginalFilename: x62fXx671bx884cbNx6a4x62dx626i.exe

Trojan:MSIL/AgentTesla.MUO!MTB also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.36366264
FireEye: Generic.mg.ab2f8366fd92bf15
CAT-QuickHeal: Trojan.Wacatac
Qihoo-360: Win32/Trojan.Generic.HwMAXpoA
McAfee: PWS-FCUF!AB2F8366FD92
Cylance: Unsafe
AegisLab: Trojan.MSIL.Agensla.i!c
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005780e91 )
BitDefender: Trojan.GenericKD.36366264
K7GW: Trojan ( 005780e91 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/MSIL_Agent.BUR.gen!Eldorado
Symantec: Trojan.Gen.2
ESET-NOD32: a variant of MSIL/Kryptik.ZRS
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
Alibaba: Trojan:Win32/Kryptik.ali2000016
NANO-Antivirus: Trojan.Win32.Agensla.imchjs
ViRobot: Trojan.Win32.Z.Agent.568320.EI
Rising: Trojan.Kryptik!8.8 (CLOUD)
Ad-Aware: Trojan.GenericKD.36366264
Emsisoft: Trojan.Crypt (A)
F-Secure: Trojan.TR/Dropper.MSIL.cmzwn
DrWeb: Trojan.Packed2.42850
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TrojanSpy.MSIL.NEGASTEAL.THBBCBA
McAfee-GW-Edition: BehavesLike.Win32.Generic.hc
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Inject
Jiangmin: Trojan.PSW.MSIL.bguo
Avira: TR/Dropper.MSIL.cmzwn
MAX: malware (ai score=100)
Microsoft: Trojan:MSIL/AgentTesla.MUO!MTB
Gridinsoft: Trojan.Win32.Packed.oa
Arcabit: Trojan.Generic.D22AE7B8
AhnLab-V3: Trojan/Win32.RL_Kryptik.C4340351
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Agensla.gen
GData: Trojan.GenericKD.36366264
Cynet: Malicious (score: 100)
ALYac: Trojan.GenericKD.36366264
Malwarebytes: Spyware.TelegramBot
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TrojanSpy.MSIL.NEGASTEAL.THBBCBA
Tencent: Win32.Trojan.Inject.Auto
Yandex: Trojan.AvsArher.bTJEKx
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Agensla.ZRS!tr.pws
AVG: Win32:PWSX-gen [Trj]
Paloalto: generic.ml
MaxSecure: Trojan.Malware.300983.susgen

How to remove Trojan:MSIL/AgentTesla.MUO!MTB?

Trojan:MSIL/AgentTesla.MUO!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
