What is “Trojan:MSIL/Nekark.MBFQ!MTB”?

Trojan:MSIL/Nekark.MBFQ!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/Nekark.MBFQ!MTB virus do?

  • Sample contains Overlay data
  • The binary likely contains encrypted or compressed data.
  • .NET file is packed/obfuscated with SmartAssembly
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to detect Trojan:MSIL/Nekark.MBFQ!MTB?

File Info:

name: BDD30156B73FC75A3B01.mlw
path: /opt/CAPEv2/storage/binaries/8a86c091549265a4bc634e94e5533b4c3d672573bbd4fb90f98265ec3b9a5ec6
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes:
timestamp: 2023-12-12 13:24:17

Version Info:

0: [No Data]

Trojan:MSIL/Nekark.MBFQ!MTB also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.70999449
FireEye: Trojan.GenericKD.70999449
Skyhigh: BehavesLike.Win32.Backdoor.rc
ALYac: Trojan.GenericKD.70999449
Sangfor: Trojan.Msil.Kryptik.V67p
VirIT: Trojan.Win32.MSIL_Heur.A
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of MSIL/Kryptik.AHUA
Cynet: Malicious (score: 100)
ClamAV: Win.Packed.Generic-10016984-0
Alibaba: Trojan:MSIL/Nekark.c772f7d7
Tencent: Msil.Trojan.Kryptik.Tdkl
DrWeb: Trojan.Inject5.49
Zillya: Trojan.Kryptik.Win32.4395626
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Crypt
Varist: W32/MSIL_Agent.HBW.gen!Eldorado
Xcitium: Heur.Corrupt.PE@1z141z3
Arcabit: Trojan.Generic.D43B5D99
Microsoft: Trojan:MSIL/Nekark.MBFQ!MTB
Google: Detected
MAX: malware (ai score=85)
Malwarebytes: Malware.AI.3988207953
Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:to1Mm8aMuAS24IuuO2TzvQ)
SentinelOne: Static AI – Suspicious PE
Fortinet: MSIL/Kryptik.AHBB!tr
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Trojan:MSIL/Nekark.MBFQ!MTB?

Trojan:MSIL/Nekark.MBFQ!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
