Trojan:Win32/Stealerc.NS!MTB (file analysis)

Many security experts consider Trojan:Win32/Stealerc.NS!MTB dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Stealerc.NS!MTB virus do?

  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Trojan:Win32/Stealerc.NS!MTB?


File Info:

name: 1F7FB01E535272BBB027.mlw
path: /opt/CAPEv2/storage/binaries/a42ac78078da8790afb6460a0be75c445ca971648d79a5d1f70a752ff0384438
crc32: C73BC4C1
md5: 1f7fb01e535272bbb027db842e8708d8
sha1: 0fc78679b7dd4698c8a7f4cf15f5734854a987fd
sha256: a42ac78078da8790afb6460a0be75c445ca971648d79a5d1f70a752ff0384438
sha512: 8b5132108b35682de266f8846d892297f5cf7a7f2072b0fbe81250191ec91bab84d2324784afc6ca095a6c839f21a46e401b721f73dc4a0d69905bfb6d1842c0
ssdeep: 12288:XB680KNqKYmtww5o7a0dY71Wa+8/SSE2IZHMPfrWqgVu+CHKtnLzMwXWdP3g:XXwmtww5o7a0dmT5/SzZgqTtnLzMNd
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17435AE2078918075EEF723B742ECBA76466ED0B4071445FF06D81AEFE7602C16A725BE
sha3_384: d5aadf3f175045ba7f75e1dd752d666aeb605a73dc732b0ba5aa8518cde9f30526843d783af3169b184f300fef4f8d20
ep_bytes: e9f3ff0300e9a76e0500e970860400e9
timestamp: 2023-10-30 12:33:53

Version Info:

0: [No Data]

Trojan:Win32/Stealerc.NS!MTB also known as:

Bkav: W32.AIDetectMalware
Skyhigh: BehavesLike.Win32.Generic.th
Malwarebytes: Malware.AI.2767843573
K7AntiVirus: Trojan ( 005aaa221 )
K7GW: Trojan ( 005aaa221 )
CrowdStrike: win/malicious_confidence_70% (D)
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HUYH
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-PSW.Win32.Stealerc.gen
Rising: Trojan.Generic@AI.100 (RDML:QnekESR9J6pBEkfmfz5FpQ)
SentinelOne: Static AI – Suspicious PE
Varist: W32/Kryptik.KNN.gen!Eldorado
Antiy-AVL: Trojan/Win32.GenKryptik
Microsoft: Trojan:Win32/Stealerc.NS!MTB
ZoneAlarm: HEUR:Trojan-PSW.Win32.Stealerc.gen
Google: Detected
BitDefenderTheta: Gen:NN.ZexaF.36792.dHW@aCjE2V
DeepInstinct: MALICIOUS
Tencent: Win32.Trojan-QQPass.QQRob.Gflw
Ikarus: Trojan.Win32.Redline
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Kryptik.HUYH!tr
AVG: PWSX-gen [Trj]
Avast: PWSX-gen [Trj]

How to remove Trojan:Win32/Stealerc.NS!MTB?

Trojan:Win32/Stealerc.NS!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
