Categories: Worm

What is “Worm:MSIL/Shaskooth.A”?

Many security experts consider Worm:MSIL/Shaskooth.A dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm:MSIL/Shaskooth.A virus do?

  • Creates RWX memory
  • A process created a hidden window
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Worm:MSIL/Shaskooth.A?


File Info:

crc32: 23DE393A
md5: e40a6e4968ff563c8480f6e53e63fe93
name: confira-as-fotos-da-festa-trofeu-atitude-trofeu-atitude-2019-5defea85a863c.exe
sha1: 01adabdfef41a79b9dfe16e3e76aa2b3e57c032e
sha256: c2abe130fbea616db20190dc8c7031a1f6d185f3a0cbf26e13d3065cfa006112
sha512: 1a85d081b3a1a011ceffa4bfbcfb5b5a502551b208584f1924a69b4f12301d252e8e95b4478054da53eaa77786418d52e36e1ca8e53161a258d43fe884067458
ssdeep: 1536:L33PxmKXA9Rsc33i6EBXR2n7dqnfiVDIHMPV0+l/sLOUp:LPxs99zeiVD+EmUsLOUp
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © Microsoft 2010
Assembly Version: 1.0.0.0
InternalName: taskhost system 32.exe
FileVersion: 1.0.0.0
CompanyName: Microsoft
ProductName: taskhost system 32
ProductVersion: 1.0.0.0
FileDescription: taskhost system 32
OriginalFilename: taskhost system 32.exe

Worm:MSIL/Shaskooth.A also known as:

Bkav W32.FakeW7Folder.Fam.Trojan
MicroWorld-eScan Gen:Variant.MSILPerseus.42425
FireEye Gen:Variant.MSILPerseus.42425
CAT-QuickHeal Trojan.GenericFC.S6055997
McAfee W32/Autorun.worm.hy
Malwarebytes Worm.AutoRun
VIPRE Trojan.Win32.Generic!BT
AegisLab Worm.MSIL.Autorun.o!c
K7AntiVirus Trojan ( 700000121 )
BitDefender Gen:Variant.MSILPerseus.42425
K7GW Trojan ( 700000121 )
Cybereason malicious.968ff5
TrendMicro WORM_SHASKOOTH.E
Symantec Trojan.Gen.2
ESET-NOD32 MSIL/Autorun.Agent.AD
Avast Win32:GenMaliciousA-THX [Trj]
ClamAV Win.Trojan.Agent-503293
GData Gen:Variant.MSILPerseus.42425
Kaspersky Worm.MSIL.Autorun.hr
Alibaba Worm:MSIL/Autorun.ecbbcff3
NANO-Antivirus Trojan.Win32.Autorun.dcmsvd
Rising Worm.Autorun!8.50 (TFE:C:eprXG0cw2eC)
Endgame malicious (high confidence)
Emsisoft Gen:Variant.MSILPerseus.42425 (B)
Comodo TrojWare.MSIL.Autorun.BNTZ@5hy51a
F-Secure Heuristic.HEUR/AGEN.1001380
DrWeb Trojan.MulDrop4.30700
Zillya Worm.AutoRun.Win32.121885
Invincea heuristic
McAfee-GW-Edition W32/Autorun.worm.hy
CMC Worm.MSIL.Autorun!O
Sophos Mal/MSIL-JD
Ikarus Worm.Win32.Msil
Cyren W32/Trojan.SKRW-0800
MaxSecure Trojan.Malware.8946323.susgen
Avira HEUR/AGEN.1001380
MAX malware (ai score=100)
Antiy-AVL Worm/MSIL.Autorun
Microsoft Worm:MSIL/Shaskooth.A
Arcabit Trojan.MSILPerseus.DA5B9
SUPERAntiSpyware Trojan.Agent/Gen-Autorun
ZoneAlarm Worm.MSIL.Autorun.hr
AhnLab-V3 Worm/Win32.AutoRun.R151327
VBA32 Worm.MSIL.Autorun
ALYac Gen:Variant.MSILPerseus.42425
Ad-Aware Gen:Variant.MSILPerseus.42425
Cylance Unsafe
Panda Generic Malware
Zoner Trojan.Win32.14388
TrendMicro-HouseCall WORM_SHASKOOTH.E
Tencent Msil.Worm.Autorun.Aguk
Yandex Worm.Autorun!W3CZj6FtmeI
Fortinet MSIL/AutoRun.AD!worm
Webroot W32.Wormmsil.Shaskooth.A
AVG Win32:GenMaliciousA-THX [Trj]
Qihoo-360 Win32/Worm.c91

How to remove Worm:MSIL/Shaskooth.A?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
