MSIL/Riskware.OpenBullet.A removal tips

The MSIL/Riskware.OpenBullet.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Riskware.OpenBullet.A virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine MSIL/Riskware.OpenBullet.A?


File Info:
name: 314E8E0FC8A779EB1FA6.mlw
path: /opt/CAPEv2/storage/binaries/f997c8624e10e1f063cebad7a0902fc4164281f4c1b976666ea59aa928753dd4
crc32: 1CBAA676
md5: 314e8e0fc8a779eb1fa67fd939c148ce
sha1: 23e15fe83e1a58c288e421cf95302d8f32b22599
sha256: f997c8624e10e1f063cebad7a0902fc4164281f4c1b976666ea59aa928753dd4
sha512: 23bc35f1b765d1eb422a0ea3e39bb6606b60fe5630f8272f823b397b5f47fd18a2894383594a1b1e6c6e3cdfebc9553ef723627d828a65e0e0d56545e2ae9e90
ssdeep: 12288:VB3VsPD8jW+OmvzpIW5Ete1zmbqqa1m8BMst6XC+9gyIQ/R7ZPc4eDE+144XejVs:yDqvvh1TfFIH9gYRRcY+TeZ6risSmL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16345C05133740A9ED1B70BB9D87581A06676BD09A3FAC78E399D14CDBF68302CB12367
sha3_384: 4f9dbbdc76f88617b2f4c764b9a79a17048f3f53e734e788a56655b0e6cade09a6344036cbae8b68efacacc5f5679ed3
ep_bytes: ff250020400000000100000001010100
timestamp: 2020-02-06 02:44:05

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: 
FileDescription: OpenBullet
FileVersion: 1.0.0.0
InternalName: OpenBullet.exe
LegalCopyright: Copyright ©  2018
LegalTrademarks: 
OriginalFilename: OpenBullet.exe
ProductName: OpenBullet
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Riskware.OpenBullet.A also known as:

Bkav	W32.AIDetectNet.01
Lionic	Riskware.Win32.Heracles.1!c
MicroWorld-eScan	Gen:Variant.MSILHeracles.11475
FireEye	Gen:Variant.MSILHeracles.11475
CAT-QuickHeal	Trojan.PupHacktool
ALYac	Gen:Variant.MSILHeracles.11475
Cylance	Unsafe
VIPRE	Gen:Variant.MSILHeracles.11475
Sangfor	Riskware.Win32.Agent.V6f3
K7AntiVirus	Riskware ( 0058ba6d1 )
K7GW	Riskware ( 0058ba6d1 )
Cybereason	malicious.fc8a77
Cyren	W32/ABRisk.YMDF-1859
ESET-NOD32	a variant of MSIL/Riskware.OpenBullet.A
BitDefender	Gen:Variant.MSILHeracles.11475
Tencent	Malware.Win32.Gencirc.10d021d9
Ad-Aware	Gen:Variant.MSILHeracles.11475
Emsisoft	Gen:Variant.MSILHeracles.11475 (B)
Zillya	Tool.OpenBullet.Win32.40
TrendMicro	HackTool.MSIL.OpenBullet.A
Sophos	Mal/Generic-R
Jiangmin	Trojan.Sdum.wl
Antiy-AVL	Trojan/Generic.ASMalwS.721F
Microsoft	Trojan:Win32/Wacatac.A!ml
Arcabit	Trojan.MSILHeracles.D2CD3
GData	Gen:Variant.MSILHeracles.11475
MAX	malware (ai score=80)
Malwarebytes	RiskWare.OpenBullet
TrendMicro-HouseCall	HackTool.MSIL.OpenBullet.A
Rising	Trojan.Sdum!8.1155F (CLOUD)
MaxSecure	Trojan.Malware.95448701.susgen
Panda	PUP/Hacktool

How to remove MSIL/Riskware.OpenBullet.A?

MSIL/Riskware.OpenBullet.A removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X