Spy Trojan

TrojanSpy:MSIL/Bancos malicious file

Malware Removal

The TrojanSpy:MSIL/Bancos is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What TrojanSpy:MSIL/Bancos virus can do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.

How to determine TrojanSpy:MSIL/Bancos?



File Info:

crc32: 2766A20A
md5: f8987a4dd66edf76f1bbf41578c35a05
name: F8987A4DD66EDF76F1BBF41578C35A05.mlw
sha1: ae73134c6cb1f6f1571af6a51893f1feeb512892
sha256: 0c10aeb3fdf4fb0d36250d12578227599f8f2509861b6e09e27413aeb044dfa0
sha512: a2601e4020f6255ed580434f9ca0ab48b6004b8d33d05e0a1de9c346966f1532fb09600f7a7c805c77852bff27d71f179e0be606dd23754efdb2794f4f010f80
ssdeep: 3072:2R7TFRKjMNwdod8ZtU6fgOKr3kMPw202Y3MgP6gC+DzVthmNJX:2R/SHdCzxvOGgOMtO
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows


Version Info:

LegalCopyright: Copyright xa9  2013
Assembly Version: 11,9,900,170
InternalName: FlashPlayerPlugin.exe
FileVersion: 11,9,900,170
ProductName: Shockwave Flash
ProductVersion: 11,9,900,170
FileDescription: Adobe Flash Player 11.9 r900
OriginalFilename: FlashPlayerPlugin.exe
Translation: 0x0000 0x04b0

TrojanSpy:MSIL/Bancos also known as:

DrWebTrojan.VBKlip
MicroWorld-eScanGen:Variant.MSILPerseus.205041
FireEyeGeneric.mg.f8987a4dd66edf76
ALYacGen:Variant.MSILPerseus.205041
CylanceUnsafe
VIPRETrojan.Win32.Generic!BT
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 004d8f3a1 )
BitDefenderGen:Variant.MSILPerseus.205041
K7GWTrojan ( 004d8f3a1 )
Cybereasonmalicious.dd66ed
BitDefenderThetaGen:NN.ZemsilF.34608.jq0@aa7Vnub
CyrenW32/Banker.AU.gen!Eldorado
SymantecTrojan.Banclip
APEXMalicious
AvastWin32:ClipBanker-D [Trj]
KasperskyTrojan-Banker.MSIL.Agent.jy
AlibabaTrojanBanker:MSIL/Bancos.4f16f32f
NANO-AntivirusTrojan.Win32.VBKlip.cszvyd
RisingTrojan.ClipBanker!8.5FB (CLOUD)
Ad-AwareGen:Variant.MSILPerseus.205041
SophosTroj/ClipBan-A
ComodoMalware@#2sp633a0u54kp
ZillyaTrojan.Agent.Win32.492984
TrendMicroTSPY_BANKER.NCA
McAfee-GW-EditionTrojan-FDLS!F8987A4DD66E
EmsisoftGen:Variant.MSILPerseus.205041 (B)
IkarusTrojan-Spy.MSIL.CliBanker
AviraHEUR/AGEN.1123857
KingsoftWin32.Troj.Banker.(kcloud)
MicrosoftTrojanSpy:MSIL/Bancos
ArcabitTrojan.MSILPerseus.D320F1
AhnLab-V3Trojan/Win32.ClipBanker.C255190
GDataGen:Variant.MSILPerseus.205041
CynetMalicious (score: 85)
ESET-NOD32MSIL/ClipBanker.A
McAfeeTrojan-FDLS!F8987A4DD66E
MAXmalware (ai score=99)
VBA32TScope.Trojan.MSIL
MalwarebytesBackdoor.Bot
PandaTrj/CI.A
TrendMicro-HouseCallTSPY_BANKER.NCA
TencentMalware.Win32.Gencirc.114bab25
YandexTrojan.PWS.Agent!Tv0+jAuD/3M
eGambitUnsafe.AI_Score_99%
FortinetMSIL/ClipBanker.A!tr
WebrootW32.Trojan.Gen
AVGWin32:ClipBanker-D [Trj]
Qihoo-360Win32/Trojan.c6f

How to remove TrojanSpy:MSIL/Bancos?

TrojanSpy:MSIL/Bancos removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment