Trojan:MSIL/ArkeiStealer.ABZX!MTB information

The Trojan:MSIL/ArkeiStealer.ABZX!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:MSIL/ArkeiStealer.ABZX!MTB virus can do?

CAPE extracted potentially suspicious content
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Trojan:MSIL/ArkeiStealer.ABZX!MTB?


File Info:
name: 7D33CF3B6FAD62DBA288.mlw
path: /opt/CAPEv2/storage/binaries/052080415d0fdca2d479e33e449c94dd3bda98d47616da0a68824c3a53543653
crc32: F797EA6C
md5: 7d33cf3b6fad62dba28838173b0d6773
sha1: 483478033abd724e1d074c2dfbc43c2945104f67
sha256: 052080415d0fdca2d479e33e449c94dd3bda98d47616da0a68824c3a53543653
sha512: ea3788b8c09d4d069088f405e20aa4413f04cb5b27e973a4fe424a35acb296da185e928b709637d2195ff12838cc816fcdcf52e21b57dd0dffe2ae3697a70a1f
ssdeep: 12288:pTr1fVXbGscQDtYM4cq+9VqmHPZhknPfydy+FxNX32:pTFVXbGscQDSM4cquqIk3+vM
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T137E4F1802F614543C76A453AF0D7E12503739F67B523D6AB39AE730E9F637631A20AC9
sha3_384: 0891217957aa975509f272232f526fb20e873062fbaf2fbe6cf4b33769bccbbe4c45784531b7e47b2351d8c56d9560c8
ep_bytes: ff250020400000000000000000000000
timestamp: 2023-06-09 22:07:55

Version Info:
Translation: 0x0000 0x04b0
Comments: Hardwear Accelerator Wizard
CompanyName: Gretech Corp.
FileDescription: HWAccelWzd
FileVersion: 1.1.0.1
InternalName: HWAccelWzd.exe
LegalCopyright: Copyright(c) Gretech Corp.  All rights reserved.
OriginalFilename: HWAccelWzd.exe
ProductName: Hardwear Accelerator Wizard
ProductVersion: 1.1.0.1
Assembly Version: 1.1.0.1

Trojan:MSIL/ArkeiStealer.ABZX!MTB also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Stealer.12!c
MicroWorld-eScan	Gen:Variant.Lazy.351956
FireEye	Generic.mg.7d33cf3b6fad62db
ALYac	Gen:Variant.Lazy.351956
Malwarebytes	Malware.AI.2562615827
Sangfor	Trojan.Msil.Lazy.Vzhg
Alibaba	TrojanSpy:MSIL/Stealer.0b22c17b
Cybereason	malicious.33abd7
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Kryptik.AJBF
APEX	Malicious
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender	Gen:Variant.Lazy.351956
Avast	Win32:PWSX-gen [Trj]
Emsisoft	Gen:Variant.Lazy.351956 (B)
F-Secure	Trojan.TR/AD.GenSteal.ppsav
VIPRE	Gen:Variant.Lazy.351956
TrendMicro	TROJ_GEN.R002C0DFI23
McAfee-GW-Edition	Artemis!Trojan
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Lazy.351956
Avira	TR/AD.GenSteal.ppsav
Arcabit	Trojan.Lazy.D55ED4
ZoneAlarm	HEUR:Trojan-Spy.MSIL.Stealer.gen
Microsoft	Trojan:MSIL/ArkeiStealer.ABZX!MTB
Google	Detected
McAfee	Artemis!7D33CF3B6FAD
MAX	malware (ai score=88)
Cylance	unsafe
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002C0DFI23
Rising	Stealer.Agent!8.C2 (CLOUD)
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	Malicious_Behavior.SB
BitDefenderTheta	Gen:NN.ZemsilF.36250.Qq0@aafBAYd
AVG	Win32:PWSX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Trojan:MSIL/ArkeiStealer.ABZX!MTB?

Trojan:MSIL/ArkeiStealer.ABZX!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X