How to remove “Trojan:MSIL/Vidar.AANK!MTB”?

Trojan:MSIL/Vidar.AANK!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:MSIL/Vidar.AANK!MTB virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Trojan:MSIL/Vidar.AANK!MTB?


File Info:

name: 7FE7F01DD69A1A248292.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2088-01-16 00:24:18

Version Info:

CompanyName: ACD Systems International Inc.
FileDescription: ACD Slideshow
FileVersion: 3,6,573,0
InternalName: BaseSlideshow.exe
LegalCopyright: ACD Systems International Inc. All rights reserved.
OriginalFilename: BaseSlideshow.exe
ProductName: ACD Slideshow
ProductVersion: 3,6,573,0
Translation: 0x0409 0x04e4

Trojan:MSIL/Vidar.AANK!MTB also known as:

Bkav: W32.AIDetectMalware.CS
Lionic: Trojan.Win32.Stealer.12!c
Elastic: malicious (high confidence)
MicroWorld-eScan: IL:Trojan.MSILZilla.36919
Skyhigh: Artemis!Trojan
McAfee: Artemis!7FE7F01DD69A
Cylance: unsafe
Zillya: Trojan.Stealer.Win32.126414
Sangfor: Infostealer.Msil.Kryptik.Vgxq
K7AntiVirus: Trojan ( 005a90411 )
Alibaba: TrojanSpy:MSIL/Stealer.5610946d
K7GW: Trojan ( 005a90411 )
CrowdStrike: win/malicious_confidence_100% (W)
Arcabit: IL:Trojan.MSILZilla.D9037
BitDefenderTheta: Gen:NN.ZemsilF.36680.Tr1@a8gMBedi
VirIT: Trojan.Win32.GenusT.DOQS
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.AJGW
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender: IL:Trojan.MSILZilla.36919
Avast: Win32:PWSX-gen [Trj]
Tencent: Win32.Trojan.FalseSign.Xmhl
Emsisoft: IL:Trojan.MSILZilla.36919 (B)
F-Secure: Heuristic.HEUR/AGEN.1367683
VIPRE: IL:Trojan.MSILZilla.36919
TrendMicro: TROJ_GEN.R002C0DA924
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Generic
Webroot: W32.Trojan.FL
Varist: W32/MSIL_Agent.FZK.gen!Eldorado
Avira: HEUR/AGEN.1367683
Antiy-AVL: Trojan/MSIL.GenKryptik
Xcitium: Malware@#zgkd05xx1rj1
Microsoft: Trojan:MSIL/Vidar.AANK!MTB
ZoneAlarm: HEUR:Trojan-Spy.MSIL.Stealer.gen
GData: IL:Trojan.MSILZilla.36919
Google: Detected
AhnLab-V3: Infostealer/Win.Agent.C5460034
Malwarebytes: Backdoor.Remcos
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002C0DA924
Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:FC3H6JEIems3+zvQIqF0KA)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.73709669.susgen
Fortinet: MSIL/Kryptik.AJDT!tr
AVG: Win32:PWSX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan:MSIL/Vidar.AANK!MTB?

Trojan:MSIL/Vidar.AANK!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
