
Trojan:MSIL/RedLine.DS!MTB removal tips

Trojan:MSIL/RedLine.DS!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:MSIL/RedLine.DS!MTB virus do?

  • Sample contains Overlay data
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Trojan:MSIL/RedLine.DS!MTB?

File Info:

name: E6B2999912BEBE474A03.mlw
path: /opt/CAPEv2/storage/binaries/dc9f3b1304370df7d2fecc3d3db23774904b5b8e00ca2d18c246dbcbfc073145
crc32: 1A8F2AD8
md5: e6b2999912bebe474a0359d0d757928c
sha1: 3410cc2eb893d684892c1d0d20db6aca65f979aa
sha256: dc9f3b1304370df7d2fecc3d3db23774904b5b8e00ca2d18c246dbcbfc073145
sha512: 8d107b8a2a7a9573ce8cbf5341af70578ec8b7a8aa94dd334a213c319d2c9c28858bcf1016d865c1b5cbb9abcd41dea3b04b727e72e470f4bb7d2c7c19f9d079
ssdeep: 1536:0qskoqu3lbG6jejoigIH43Ywzi0Zb78ivombfexv0ujXyyed2atmulgS6pul:yt1FYH+zi0ZbYe1g0ujyzdeu
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1ABC35D3067AC9F19EAFD1B75B4B2012043F0E08A9091FB4A4DC164E71FA7B865957EF2
sha3_384: 92d8270b73df46a8b7166a8082e75f08a8ab3e2157a1736dc5054ce8c7c56a15a06f26d4b33a0da7e9d12e5d1543fe5f
timestamp: 2097-08-14 23:34:58

Version Info:

0: [No Data]

Trojan:MSIL/RedLine.DS!MTB also known as:

Skyhigh: BehavesLike.Win32.Generic.cm
McAfee: GenericRXTE-PZ!E6B2999912BE
Malwarebytes: Generic.Spyware.Stealer.DDS
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Unwanted-Program ( 0059886f1 )
K7GW: Unwanted-Program ( 0059886f1 )
CrowdStrike: win/malicious_confidence_100% (D)
Elastic: Windows.Trojan.RedLineStealer
APEX: Malicious
ClamAV: Win.Malware.Bulz-9880537-0
Rising: Backdoor.SectopRAT!1.DA27 (CLASSIC)
Sophos: Generic ML PUA (PUA)
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.e6b2999912bebe47
Ikarus: Trojan-Spy.RedLineStealer
Google: Detected
Varist: W32/MSIL_Agent.DNE.gen!Eldorado
Kingsoft: malware.kb.a.991
Microsoft: Trojan:MSIL/RedLine.DS!MTB
Xcitium: Heur.Corrupt.PE@1z141z3
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.PZ.R618795
DeepInstinct: MALICIOUS
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Cybereason: malicious.eb893d

How to remove Trojan:MSIL/RedLine.DS!MTB?

Trojan:MSIL/RedLine.DS!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.