
Should I remove “MSILHeracles.24588”?


MSILHeracles.24588 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSILHeracles.24588 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify MSILHeracles.24588?


File Info:

name: 73085BE0CBFFCAAF7D58.mlw
path: /opt/CAPEv2/storage/binaries/4b9e2da5ca84cbc45a6bd676a853d7339a26c3ed22991f0dc40ffbf6057a55b3
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2021-08-29 03:45:59

Version Info:

Translation: 0x0000 0x04b0
Comments: AFINIX2014 Beta 3.0
CompanyName: AFINIX2014 Beta 3.0
FileDescription: AFINIX2014 Beta 3.0
FileVersion: 1.0.0.0
InternalName: Launcher.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: Launcher.exe
ProductName: AFINIX2014 Beta 3.0
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSILHeracles.24588 also known as:

Lionic: Trojan.Win32.Heracles.4!c
MicroWorld-eScan: Gen:Variant.MSILHeracles.24588
ALYac: Gen:Variant.MSILHeracles.24588
Cylance: Unsafe
Sangfor: Trojan.Win32.Sabsik.FL
TrendMicro-HouseCall: TROJ_GEN.R002H09KQ21
Paloalto: generic.ml
BitDefender: Gen:Variant.MSILHeracles.24588
Ad-Aware: Gen:Variant.MSILHeracles.24588
Emsisoft: Gen:Variant.MSILHeracles.24588 (B)
McAfee-GW-Edition: Artemis
FireEye: Gen:Variant.MSILHeracles.24588
GData: Gen:Variant.MSILHeracles.24588
Gridinsoft: Ransom.Win32.Sabsik.sa
Cynet: Malicious (score: 100)
McAfee: Artemis!73085BE0CBFF
MAX: malware (ai score=80)
Malwarebytes: MachineLearning/Anomalous.96%
APEX: Malicious
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen

How to remove MSILHeracles.24588?

MSILHeracles.24588 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
