My main file Bravo8.exe has been detected by the newest updated Kaspersky Internet Security in Windows 10 as “HEUR:Trojan.MSIL.Crypt.gen”.
But undetected on https://opentip.kaspersky.com/
This file is written by C# .NET Framework 4.5 just copy itself to temp folder to run then create a new AppDomain with shadow-copy then ExecuteAssembly other .NET executable file.
The file using babelfor.NET 8.7 to obfuscate, merging, anti-reflect, anti-tampering… I’ve attached it here.
What should I do now?