Trojan:MSIL/Azorult.ST!MTB information

Trojan:MSIL/Azorult.ST!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:MSIL/Azorult.ST!MTB virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • .NET file is packed/obfuscated with Confuser
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Trojan:MSIL/Azorult.ST!MTB?


File Info:

name: 746952C8FD9439FA7E1C.mlw
path: /opt/CAPEv2/storage/binaries/eec956d12026633e4b73a3695bf8410acdbc5a93cdf9782c4d5b2215ba60a894
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2064-02-24 03:39:04

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: VXBVFDGFDFBDHDHDHDHD43
FileVersion: 1.0.0.0
InternalName: VXBVFDGFDFBDHDHDHDHD43.exe
LegalCopyright: Copyright © 2022
LegalTrademarks:
OriginalFilename: VXBVFDGFDFBDHDHDHDHD43.exe
ProductName: VXBVFDGFDFBDHDHDHDHD43
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan:MSIL/Azorult.ST!MTB also known as:

Bkav: W32.AIDetectNet.01
MicroWorld-eScan: Trojan.GenericKD.62593329
FireEye: Generic.mg.746952c8fd9439fa
CAT-QuickHeal: Trojan.IGENERIC
ALYac: Trojan.GenericKD.62593329
Cylance: Unsafe
VIPRE: Trojan.GenericKD.62593329
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005989af1 )
Alibaba: Trojan:MSIL/Azorult.534fdcc8
K7GW: Trojan ( 005989af1 )
Cybereason: malicious.c00012
Cyren: W32/MSIL_Agent.EAN.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Kryptik.AGNP
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-PSW.MSIL.Azorult.gen
BitDefender: Trojan.GenericKD.62593329
NANO-Antivirus: Trojan.Win32.Azorult.jsouug
Avast: Win32:PWSX-gen [Trj]
Tencent: Win32.Trojan.FalseSign.Fwnw
Ad-Aware: Trojan.GenericKD.62593329
Emsisoft: Trojan.GenericKD.62593329 (B)
DrWeb: Trojan.PackedNET.1584
Zillya: Trojan.Kryptik.Win32.3912615
TrendMicro: TROJ_GEN.R06CC0DIO22
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S + Mal/Generic-L
Ikarus: Trojan.Inject
GData: Trojan.GenericKD.62593329
Webroot: W32.Trojan.Gen
Avira: TR/AD.Swotter.bqqkn
MAX: malware (ai score=81)
Antiy-AVL: Trojan/Generic.ASMalwS.3E3F
Arcabit: Trojan.Generic.D3BB1931
Microsoft: Trojan:MSIL/Azorult.ST!MTB
Google: Detected
AhnLab-V3: Trojan/Win.PWSX-gen.C5242821
McAfee: Artemis!746952C8FD94
Malwarebytes: Malware.AI.3635107437
TrendMicro-HouseCall: TROJ_GEN.R06CC0DIO22
Rising: Spyware.Noon!8.E7C9 (CLOUD)
Yandex: Trojan.Igent.bYLQs2.4
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.73815250.susgen
Fortinet: PossibleThreat
BitDefenderTheta: Gen:NN.ZemsilF.34754.rq2@aGdiu8k
AVG: Win32:PWSX-gen [Trj]
Panda: Trj/Chgt.AA

How to remove Trojan:MSIL/Azorult.ST!MTB?

Trojan:MSIL/Azorult.ST!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
