About “Trojan:MSIL/SpyNoon.RPX!MTB” infection

Trojan:MSIL/SpyNoon.RPX!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/SpyNoon.RPX!MTB virus do?

  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Trojan:MSIL/SpyNoon.RPX!MTB?

File Info:

name: 1E89F576819162456E58.mlw
path: /opt/CAPEv2/storage/binaries/287e3a626377e6044861fb31c80ad6daf8464f8d11e84b2706204c5216a02afb
type: PE32+ executable (console) x86-64, for MS Windows
timestamp: 2078-08-02 23:28:06

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Family
FileVersion: 1.0.0.0
InternalName: JohnPorkSociety.exe
LegalCopyright: Copyright © 2024
LegalTrademarks:
OriginalFilename: JohnPorkSociety.exe
ProductName: Family
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan:MSIL/SpyNoon.RPX!MTB also known as:

Bkav: W64.AIDetectMalware.CS
Cynet: Malicious (score: 100)
Malwarebytes: Trojan.Downloader.MSIL
VirIT: Trojan.Win64.MSIL_Heur.A
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/TrojanDownloader.Agent.QDO
APEX: Malicious
Kaspersky: HEUR:Trojan-Downloader.MSIL.Agent.gen
BitDefender: Gen:Variant.Zusy.531851
MicroWorld-eScan: Gen:Variant.Zusy.531851
Avast: Win64:MalwareX-gen [Trj]
Emsisoft: Gen:Variant.Zusy.531851 (B)
DrWeb: Trojan.DownLoad4.16138
VIPRE: Gen:Variant.Zusy.531851
Sophos: Troj/MSILAg-AD
Ikarus: Trojan.MSIL.SpyNoon
GData: Gen:Variant.Zusy.531851
Arcabit: Trojan.Zusy.D81D8B
ZoneAlarm: HEUR:Trojan-Downloader.MSIL.Agent.gen
Microsoft: Trojan:MSIL/SpyNoon.RPX!MTB
Varist: W64/KryptoCibule.A.gen!Eldorado
AhnLab-V3: Trojan/Win.SpyNoon.C5570414
ALYac: Gen:Variant.Zusy.531851
TACHYON: Trojan-Downloader/W64.Agent.4608
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: MSIL/Agent.88EA!tr
AVG: Win64:MalwareX-gen [Trj]
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Trojan:MSIL/SpyNoon.RPX!MTB?

Trojan:MSIL/SpyNoon.RPX!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
