Trojan

About “Trojan:MSIL/LummaStealer.CCHE!MTB” infection

Malware Removal

The Trojan:MSIL/LummaStealer.CCHE!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan:MSIL/LummaStealer.CCHE!MTB virus can do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to determine Trojan:MSIL/LummaStealer.CCHE!MTB?



File Info:

name: 6B2B82774CA1BC161170.mlw
path: /opt/CAPEv2/storage/binaries/40b2c8937a96f8c487a16197cbdd1394d12fba0141571f8b529f94c87f5e56c6
crc32: A5C47777
md5: 6b2b82774ca1bc161170a2a803638387
sha1: 90ed4f5d751c48ce094813b9971af6b42ccd83ad
sha256: 40b2c8937a96f8c487a16197cbdd1394d12fba0141571f8b529f94c87f5e56c6
sha512: 9e992b11011df9464b8a36ced23db41e565e9896c156d10cde2b6c375242c8daaf4f7a796424818c42cb08b39d152aa287a2a477c405a65db35449c1206cbb4d
ssdeep: 49152:o3TAXbGranK0EOOY+2sduESYKgmSvReju+txoZAmAc:o3UXbGra+OodXNmSpeq0xUdA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E1A5BF907A884ABCF07CF33D99C8524E53F979DB6311E205FFCBF98845B25468AA0D15
sha3_384: 2b35e7aa214d51b7d66fdb2a0ef519cf90710443addcf834137824598dae3901b43aa3080188243ff162e014eb223fc6
ep_bytes: ff250020400000000000000000000000
timestamp: 2071-01-06 12:32:02


Version Info:

Translation: 0x0000 0x04b0
Comments: fsfbrr
CompanyName: eergdf
FileDescription: factura
FileVersion: 1.0.2.0
InternalName: factura.exe
LegalCopyright: Copyright © 2023
LegalTrademarks: 
OriginalFilename: factura.exe
ProductName: factura
ProductVersion: 1.0.2.0
Assembly Version: 1.0.2.0

Trojan:MSIL/LummaStealer.CCHE!MTB also known as:

BkavW32.AIDetectMalware.CS
LionicTrojan.Win32.Crysan.m!c
MicroWorld-eScanTrojan.GenericKD.71442859
SkyhighArtemis!Trojan
McAfeeArtemis!6B2B82774CA1
Cylanceunsafe
VIPRETrojan.GenericKD.71442859
SangforSuspicious.Win32.Save.a
K7AntiVirusTrojan ( 005b0c251 )
AlibabaBackdoor:MSIL/LummaStealer.2355b8df
K7GWTrojan ( 005b0c251 )
Cybereasonmalicious.74ca1b
ArcabitTrojan.Generic.D44221AB
VirITTrojan.Win32.Genus.VAZ
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of MSIL/Injector.WJP
APEXMalicious
TrendMicro-HouseCallBackdoor.Win32.ASYNCRAT.YXEA5Z
KasperskyHEUR:Backdoor.MSIL.Crysan.gen
BitDefenderTrojan.GenericKD.71442859
NANO-AntivirusTrojan.Win32.Crysan.kiepzj
AvastWin32:CrypterX-gen [Trj]
TencentMalware.Win32.Gencirc.13ffa062
EmsisoftTrojan.GenericKD.71442859 (B)
F-SecureTrojan.TR/AD.Nanocore.svfhn
DrWebTrojan.Inject5.1932
ZillyaTrojan.Injector.Win32.1742166
TrendMicroBackdoor.Win32.ASYNCRAT.YXEA5Z
FireEyeTrojan.GenericKD.71442859
SophosMal/Generic-S
IkarusTrojan.MSIL.Crypt
WebrootW32.Trojan.Gen
VaristW32/ABRisk.SNMS-5808
AviraTR/AD.Nanocore.svfhn
Antiy-AVLTrojan/MSIL.Kryptik
KingsoftMSIL.Backdoor.Crysan.gen
XcitiumMalware@#1yuij25921jrh
MicrosoftTrojan:MSIL/LummaStealer.CCHE!MTB
ViRobotTrojan.Win.Z.Injector.2146304
ZoneAlarmHEUR:Backdoor.MSIL.Crysan.gen
GDataTrojan.GenericKD.71442859
AhnLab-V3Trojan/Win.Injection.C5582253
BitDefenderThetaGen:NN.ZemsilF.36802.do0@aW!iKbm
ALYacTrojan.GenericKD.71442859
MAXmalware (ai score=86)
VBA32TScope.Trojan.MSIL
MalwarebytesTrojan.Crypt.MSIL.Generic
PandaTrj/Chgt.AD
RisingMalware.Obfus/MSIL@AI.83 (RDM.MSIL2:F/Fj9sY7wLxIx6pucXYt7w)
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.74418669.susgen
FortinetPossibleThreat.MU
AVGWin32:CrypterX-gen [Trj]
DeepInstinctMALICIOUS
CrowdStrikewin/malicious_confidence_100% (W)
alibabacloudTrojan:MSIL/Kryptik.AKQY

How to remove Trojan:MSIL/LummaStealer.CCHE!MTB?

Trojan:MSIL/LummaStealer.CCHE!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment