What is “Trojan:MSIL/FormBook.AFB!MTB”?

The Trojan:MSIL/FormBook.AFB!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan:MSIL/FormBook.AFB!MTB virus can do?

• Sample contains Overlay data
• The binary likely contains encrypted or compressed data.
• Authenticode signature is invalid

How to determine Trojan:MSIL/FormBook.AFB!MTB?

File Info:
name: 4704D4323C43EBF9F86B.mlw
path: /opt/CAPEv2/storage/binaries/eeca1e00bb230753a0f9517ce4600356b19732d10eafb7ebafaa9b55ae7403bc
crc32: D440FD17
md5: 4704d4323c43ebf9f86b696810077218
sha1: 88fc9a1d818931bdae07b2166cf60ee6736efef0
sha256: eeca1e00bb230753a0f9517ce4600356b19732d10eafb7ebafaa9b55ae7403bc
sha512: 2a9f9266c3a768208195d20589d89f83fb10668c2b423389bd2a9e4cfe68aefcf80bae1a6432fca003763afe2bd91f1b0f14c41e0a75c39d4ba9da09bf73be34
ssdeep: 3072:YJ3jOEulJQ/MiyX2SQkg/5/6ye9ERx7dzzxSmASudVIQgTD:YJ3jOfbQ/lkS1UErVASudV/gP
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T113D3E15266A4CFBAD1FD0B3845B024D40372A306F693EB29CED874DE2D537518A5B38B
sha3_384: 52d5ef88be04a578908a618e52cc792e3393bfbe11af3037592976699dbb0bc5a025144ac507be40124517e53a32181a
ep_bytes: 
timestamp: 2024-01-04 09:26:09

Version Info:
0: [No Data]

Trojan:MSIL/FormBook.AFB!MTB also known as:

How to remove Trojan:MSIL/FormBook.AFB!MTB?

• Download and install GridinSoft Anti-Malware.
• Open GridinSoft Anti-Malware and perform a “Standard scan“.
• “Move to quarantine” all items.
• Open “Tools” tab – Press “Reset Browser Settings“.
• Select proper browser and options – Click “Reset”.
• Restart your computer.