Trojan:MSIL/zgRAT.T!MTB removal guide

Trojan:MSIL/zgRAT.T!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:MSIL/zgRAT.T!MTB virus do?

  • Sample contains Overlay data
  • Authenticode signature is invalid
  • CAPE detected the zgRAT malware family
  • Binary compilation timestomping detected

How to identify Trojan:MSIL/zgRAT.T!MTB?


File Info:

name: 4A626490A9D312CD952A.mlw
path: /opt/CAPEv2/storage/binaries/a3dcc97130f92a648948835a910304e26f072d0f6e4a60b55ae6fcb68e378d18
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes:
timestamp: 2042-03-30 22:13:40

Version Info:

0: [No Data]

Trojan:MSIL/zgRAT.T!MTB also known as:

Bkav: W32.AIDetectMalware.CS
Skyhigh: BehavesLike.Win32.Generic.rh
CrowdStrike: win/malicious_confidence_60% (D)
VirIT: Trojan.Win32.Genus.UZH
ESET-NOD32: a variant of MSIL/Kryptik.AKTB
Cynet: Malicious (score: 100)
Trapmine: suspicious.low.ml.score
Google: Detected
Xcitium: Heur.Corrupt.PE@1z141z3
Microsoft: Trojan:MSIL/zgRAT.T!MTB
Varist: W32/Agent.IFX.gen!Eldorado
Rising: Downloader.Seraph!8.111C6 (TFE:dGZlOg0iFSvkAiiUGQ)
Ikarus: Trojan.MSIL.Crypt
Cybereason: malicious.1c6d03

How to remove Trojan:MSIL/zgRAT.T!MTB?

Trojan:MSIL/zgRAT.T!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.