MSILHeracles.30161 removal tips

MSILHeracles.30161 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSILHeracles.30161 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify MSILHeracles.30161?


File Info:

name: 73E4A248ACDC0CD572A7.mlw
path: /opt/CAPEv2/storage/binaries/d545d97720e41f7f77cf35395de9d5004140fef561a40d931a82d2d3fd3c9d44
crc32: F5677804
md5: 73e4a248acdc0cd572a757ed48490e56
sha1: 1f838acdfb6125adeb017a9ffc3cf0b89c6aa661
sha256: d545d97720e41f7f77cf35395de9d5004140fef561a40d931a82d2d3fd3c9d44
sha512: 016d31e3229c515d6b347579576563f4b8acfaf9e5d96fdb9e4ce51c68c994839821bf90651a4aa9f0a2da65bda70955bfe2e9e87b74cc6136a716469556997b
ssdeep: 49152:lCJGh3lCJGh3uCJGh3ZU0Igt6GCJGh3YCJGh3:lCg5lCg5uCg5ZU0Rt6GCg5YCg5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F095AD912A649816CEE531F43460E2784F78DCB41D0A8602A6BE3AEE7F75F5BDDC124C
sha3_384: 3c1db82d832c701fa2d024e315b90b125a91fd29870ab9f6ac0ca2dce08a1a87b9e3f07fec4c85f5b712c441c657ad03
ep_bytes: ff250020400000000000000000000000
timestamp: 2015-08-04 20:45:46

Version Info:

Translation: 0x0000 0x04b0
FileDescription: Dragon Age Installer
FileVersion: 1.0.0.0
InternalName: Dragon Age Installer.exe
LegalCopyright: Copyright © 2015
OriginalFilename: Dragon Age Installer.exe
ProductName: Dragon Age Installer
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSILHeracles.30161 also known as:

MicroWorld-eScan: Gen:Variant.MSILHeracles.30161
FireEye: Generic.mg.73e4a248acdc0cd5
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
McAfee: Artemis!73E4A248ACDC
Cylance: Unsafe
Sangfor: Trojan.Win32.Surveyer.8
Alibaba: Trojan:MSIL/Surveyer.45b6d496
K7GW: Trojan ( 0050025b1 )
K7AntiVirus: Trojan ( 0050025b1 )
Symantec: Trojan Horse
ESET-NOD32: a variant of MSIL/Surveyer.EQ
APEX: Malicious
Paloalto: generic.ml
BitDefender: Gen:Variant.MSILHeracles.30161
Ad-Aware: Gen:Variant.MSILHeracles.30161
Emsisoft: Gen:Variant.MSILHeracles.30161 (B)
DrWeb: Trojan.SurveyerNET.10
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Artemis
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.MSILHeracles.30161
Avira: TR/Surveyer.pxinn
Arcabit: Trojan.MSILHeracles.D75D1
Microsoft: Trojan:Win32/Wacatac.B!ml
BitDefenderTheta: Gen:NN.ZemsilF.34114.Yr0@auaIkPo
ALYac: Gen:Variant.MSILHeracles.30161
MAX: malware (ai score=84)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Malware.AI.4237109357
TrendMicro-HouseCall: TROJ_GEN.R002H0CK621
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:XjHoMlm4nyO9JXSo+anjaA)
Yandex: Trojan.Surveyer!zBM2NLVJBe0
Ikarus: Trojan.MSIL.Surveyer
MaxSecure: Trojan.Malware.300983.susgen
Cybereason: malicious.8acdc0

How to remove MSILHeracles.30161?

MSILHeracles.30161 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
