
Trojan:MSIL/RedLine.MB!MTB removal


Trojan:MSIL/RedLine.MB!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What Trojan:MSIL/RedLine.MB!MTB virus can do?

  • Sample contains Overlay data
  • The binary likely contains encrypted or compressed data.
  • .NET file is packed/obfuscated with SmartAssembly
  • Authenticode signature is invalid
  • Anomalous .NET characteristics

How to determine Trojan:MSIL/RedLine.MB!MTB?


File Info:

name: FA8B873400BE06FB7A26.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-06-07 14:45:05


Trojan:MSIL/RedLine.MB!MTB also known as:

  • Bkav: W32.AIDetectMalware
  • VirIT: Trojan.Win32.Genus.REA
  • ESET-NOD32: a variant of MSIL/Kryptik.AHUA
  • APEX: Malicious
  • Cynet: Malicious (score: 100)
  • DrWeb: Trojan.Inject4.58212
  • Trapmine: malicious.moderate.ml.score
  • Sophos: Generic ML PUA (PUA)
  • SentinelOne: Static AI – Malicious PE
  • Xcitium: Heur.Corrupt.PE@1z141z3
  • Microsoft: Trojan:MSIL/RedLine.MB!MTB
  • Rising: Malware.Obfus/MSIL@AI.96 (RDM.MSIL2:EwK44aKUSVfcBKoDSDZMWA)
  • Fortinet: MSIL/Kryptik.AHBB!tr
  • CrowdStrike: win/malicious_confidence_60% (D)

How to remove Trojan:MSIL/RedLine.MB!MTB?

Trojan:MSIL/RedLine.MB!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
