Trojan:MSIL/Seraph.RG!MTB information

Trojan:MSIL/Seraph.RG!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Trojan:MSIL/Seraph.RG!MTB virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Serbian (Latin)
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • CAPE detected the RedLine malware family
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan:MSIL/Seraph.RG!MTB?

File Info:

name: 931E098677625AD28076.mlw
path: /opt/CAPEv2/storage/binaries/145b521d8b424c18999108abefa90320b68a1944fb3b069c1921af3b7913d5e6
crc32: 4BB8C1F1
md5: 931e098677625ad28076f5d8e4edfe30
sha1: 64c03e0d82bf4d07bd42c7f6e76fce83064c0de7
sha256: 145b521d8b424c18999108abefa90320b68a1944fb3b069c1921af3b7913d5e6
sha512: d3f736fa692ca57ed174346f70a428597cb488574b074e378b1870150ba5579358d774aa3dfe6f03024085af81ca95e7996f833750f68cf9c7378eebdfd6bf3c
ssdeep: 6144:jQf6LMfr7y1zB9tSbkbHwm2nd2D9ZRguXE9ojnU:jdAfH7bkbH6yguXECjn
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12D94E06272D0C072D2BB05713836EAA46F3FB9708B2586CB375417AE1E306D16E76367
sha3_384: c20bf7a1a1766ca273c50e686da5e5db80bcbd15dbf361b9fef827fcb80e04b75fb5d6f3f043222f797eee05a23090db
ep_bytes: e8af420000e979feffff8bff558bec51
timestamp: 2022-03-11 17:31:09

Version Info:

FilesVersion: 53.84.7.37
InternalNames: HlameProduction
ProductName: Kloosting
Translation: 0x0500 0x043b

Trojan:MSIL/Seraph.RG!MTB also known as:

Bkav: W32.AIDetectNet.01
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 00516fdf1 )
K7AntiVirus: Trojan ( 00516fdf1 )
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
APEX: Malicious
ClamAV: Win.Packer.pkr_ce1a-9980177-0
Kaspersky: UDS:Trojan-Spy.Win32.Stealer.gen
Avast: DropperX-gen [Drp]
TrendMicro: Ransom.Win32.STOP.SMYXDBTB.hp
McAfee-GW-Edition: BehavesLike.Win32.Lockbit.gh
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.931e098677625ad2
Sophos: ML/PE-A
Ikarus: Trojan-Ransom.StopCrypt
Microsoft: Trojan:MSIL/Seraph.RG!MTB
ZoneAlarm: UDS:Trojan-Spy.Win32.Stealer.gen
Google: Detected
Acronis: suspicious
Cylance: unsafe
Rising: Trojan.Kryptik!1.E2E3 (CLASSIC)
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
AVG: DropperX-gen [Drp]

How to remove Trojan:MSIL/Seraph.RG!MTB?

Trojan:MSIL/Seraph.RG!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.