Mal/Generic-S + MSIL/Obfus-O information

Malware Removal

Mal/Generic-S + MSIL/Obfus-O is a detection name for a packed, obfuscated .NET (MSIL) executable that nearly every engine in the vendor list below flags as malicious or suspicious. While the infection is active you may notice unfamiliar processes in the Task Manager list, for instance one carrying the sample's internal file name, Loader.exe. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can Mal/Generic-S + MSIL/Obfus-O do?

These are the static and behavioural indicators the CAPE sandbox raised for this sample:

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Mal/Generic-S + MSIL/Obfus-O?

The header data below is what the CAPE sandbox recorded for the sample. Two details deserve attention. The compile timestamp, 2101-06-22, lies in the future; that is what the "timestomping" indicator above refers to. The entry-point bytes ff 25 00 20 40 00 decode to jmp dword ptr [0x402000], a single indirect jump through the import table, which is how a .NET (MSIL) executable hands control to the runtime from its native entry point. Together with the InternalName Loader.exe and vendor names such as MSIL/Packed.DotNetGuard.A and MSIL/Obfus-O, this marks the file as a packed .NET loader, even though the generic type string reads "PE32 executable (GUI) Intel 80386".

File Info:

name: DFF6B8004218DA87A1C8.mlw
path: /opt/CAPEv2/storage/binaries/81fcc54ce1ebd019bb627d176d07fb6912e54719c1c5dae1c440cf418ce88952
crc32: 46A7D812
md5: dff6b8004218da87a1c87e84880744db
sha1: d3f9e6437606b9c141e7dede29d02a739049a633
sha256: 81fcc54ce1ebd019bb627d176d07fb6912e54719c1c5dae1c440cf418ce88952
sha512: cc5f5e57c57ac122311444404e569b3026255a9f6474370e8f17bb9c2b0a6e916a1e453188c5ee531ccd71342497132c495cff88ef2aab84d1e908d96bda7e4c
ssdeep: 98304:k+ltMUUjIDKxtUebuc6RbLwN9bsqgEUC2ZlZlvl4lplI87U2Jo2Q8P:k+ltMUQIDKxtUebuc6R/wN9bsqgEUCYe
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FB56599CAB685E43EF0FBBB24E625980CFF11CD5DA71588E2B5489E8F3080559C17F98
sha3_384: 913e6891111ba42f0bd2d0fa9fc315d633a62bec782dc0d1f51cca513466d169abcc7ba2a9dbfc661aa85081d6422dd7
ep_bytes: ff250020400000000000000000000000
timestamp: 2101-06-22 19:11:02

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: Loader.exe
LegalCopyright:
OriginalFilename: Loader.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0
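As an added example (this is not code from the page or from GridinSoft), the following Python pulls the header-level indicators discussed above straight out of a PE's bytes without pefile: the compile timestamp (flagged when zeroed or in the future), section names outside an allow-list, and the FF 25 indirect-jump entry stub that marks a .NET executable. It does not read the real sample; build_sample() constructs a small PE32 image that reproduces this sample's traits (year-2101 timestamp, the ff 25 00 20 40 00 stub, one oddly named section), and both that layout and the KNOWN_SECTIONS allow-list are assumptions of the example. One caveat a practitioner should keep in mind: deterministic builds of the .NET compiler (Roslyn) write a content hash into the TimeDateStamp field, so a nonsense or future date on an MSIL binary is common on legitimate software and is only a weak signal on its own.

```python
import struct
from datetime import datetime, timezone

# Section names the usual Windows/.NET linkers emit. This allow-list is an
# assumption of the example, not CAPE's rule; anything outside it is reported.
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".rsrc", ".reloc", ".idata",
                  ".edata", ".pdata", ".bss", ".tls", ".CRT", ".sdata"}


def rva_to_offset(rva, sections):
    """Map an RVA to a file offset through the section table."""
    for s in sections:
        if s["vaddr"] <= rva < s["vaddr"] + max(s["vsize"], s["rawsize"]):
            return s["rawptr"] + (rva - s["vaddr"])
    return None


def parse_pe(data):
    """Read the COFF header, optional header and section table of a PE32/PE32+."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    machine, nsec, tstamp, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    ep_rva = struct.unpack_from("<I", data, opt + 16)[0]
    if magic == 0x10B:      # PE32: 4-byte ImageBase at +28
        image_base = struct.unpack_from("<I", data, opt + 28)[0]
    elif magic == 0x20B:    # PE32+: 8-byte ImageBase at +24
        image_base = struct.unpack_from("<Q", data, opt + 24)[0]
    else:
        raise ValueError("unknown optional header magic %#x" % magic)
    sections = []
    for i in range(nsec):
        off = opt + opt_size + 40 * i
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, off + 8)
        sections.append(dict(name=data[off:off + 8].rstrip(b"\0").decode("latin-1"),
                             vsize=vsize, vaddr=vaddr, rawsize=rawsize, rawptr=rawptr))
    ep_off = rva_to_offset(ep_rva, sections)
    ep_bytes = data[ep_off:ep_off + 16] if ep_off is not None else b""
    return dict(machine=machine, timestamp=tstamp, image_base=image_base,
                ep_rva=ep_rva, ep_bytes=ep_bytes, sections=sections)


def triage(data, now=None):
    """Return the header-level indicators discussed on this page for one image."""
    pe = parse_pe(data)
    now = now or datetime.now(timezone.utc)
    built = datetime.fromtimestamp(pe["timestamp"], timezone.utc)
    findings = []
    if pe["timestamp"] == 0:
        findings.append("zeroed compile timestamp")
    elif built > now:
        findings.append("compile timestamp in the future (timestomping, or a "
                        "deterministic-build hash written by the .NET compiler)")
    unknown = [s["name"] for s in pe["sections"] if s["name"] not in KNOWN_SECTIONS]
    if unknown:
        findings.append("unknown section names: " + ", ".join(unknown))
    jmp_target = None
    ep = pe["ep_bytes"]
    # FF 25 imm32 is `jmp dword ptr [imm32]`. A PE32 .NET assembly's native
    # entry point is exactly this one instruction through the IAT slot that
    # holds mscoree!_CorExeMain; the page's ep_bytes start the same way.
    if ep[:2] == b"\xff\x25":
        jmp_target = struct.unpack_from("<I", ep, 2)[0]
        findings.append("entry point is one indirect jmp to %#x (IAT RVA %#x): "
                        ".NET stub" % (jmp_target, jmp_target - pe["image_base"]))
    return dict(timestamp=built.strftime("%Y-%m-%d %H:%M:%S"), ep_bytes=ep.hex(),
                sections=[s["name"] for s in pe["sections"]],
                jmp_target=jmp_target, findings=findings)


def build_sample():
    """Constructed PE32 (not the page's file) that reproduces its header traits:
    a year-2101 timestamp, the FF 25 00 20 40 00 stub and one odd section name."""
    tstamp = int(datetime(2101, 6, 22, 19, 11, 2, tzinfo=timezone.utc).timestamp())
    secs = [(b".text", 0x2000, 0x200), (b".dng!", 0x4000, 0x400)]  # name, RVA, raw offset
    e_lfanew, opt_size = 0x80, 0xE0
    img = bytearray(0x600)
    img[0:2] = b"MZ"
    struct.pack_into("<I", img, 0x3C, e_lfanew)
    img[e_lfanew:e_lfanew + 4] = b"PE\0\0"
    struct.pack_into("<HHIIIHH", img, e_lfanew + 4, 0x14C, len(secs), tstamp, 0, 0, opt_size, 0x102)
    opt = e_lfanew + 24
    struct.pack_into("<H", img, opt, 0x10B)          # PE32 magic
    struct.pack_into("<I", img, opt + 16, 0x2000)    # AddressOfEntryPoint
    struct.pack_into("<I", img, opt + 28, 0x400000)  # ImageBase
    for i, (name, rva, raw) in enumerate(secs):
        off = opt + opt_size + 40 * i
        img[off:off + 8] = name.ljust(8, b"\0")
        struct.pack_into("<IIII", img, off + 8, 0x200, rva, 0x200, raw)
    img[0x200:0x206] = bytes.fromhex("ff2500204000")  # jmp dword ptr [0x402000]
    return bytes(img)


if __name__ == "__main__":
    import sys
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample()
    for key, value in triage(blob).items():
        print(key, value)
```

Run it with a file path to triage a real binary, or with no arguments to see the constructed sample reported with a 2101 timestamp, an unknown section and a .NET entry stub pointing at 0x402000. Treat the findings as triage prompts, not verdicts: the same output would come from a legitimate deterministically built .NET program with an unusual packer or linker section name.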

Mal/Generic-S + MSIL/Obfus-O also known as:

FireEye: Generic.mg.dff6b8004218da87
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0059119d1 )
K7GW: Trojan ( 0059119d1 )
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Packed.DotNetGuard.A suspicious
TrendMicro-HouseCall: TROJ_GEN.R002H07G522
Kaspersky: UDS:Trojan.Multi.GenericML.xnet
McAfee-GW-Edition: BehavesLike.Win32.Generic.tm
SentinelOne: Static AI – Malicious PE
Trapmine: suspicious.low.ml.score
Sophos: Mal/Generic-S + MSIL/Obfus-O
Antiy-AVL: Trojan/Win32.Wacatac
Microsoft: Program:Win32/Wacapew.C!ml
Cynet: Malicious (score: 100)
Acronis: suspicious
McAfee: Artemis!DFF6B8004218
Malwarebytes: Malware.Heuristic.1004
APEX: Malicious
Fortinet: PossibleThreat.PALLAS.H
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Mal/Generic-S + MSIL/Obfus-O?

Mal/Generic-S + MSIL/Obfus-O removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
