How to remove “MSILHeracles.31987”?

MSILHeracles.31987 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
6-day free trial available.

What can the MSILHeracles.31987 virus do?

  • Dynamic (imported) function loading detected
  • Authenticode signature is invalid
  • CAPE detected the JesterStealer malware family
  • Binary compilation timestomping detected
  • Unusual version info supplied for binary

How to identify MSILHeracles.31987?

File Info:

name: 01FCBFCA263B93CD0459.mlw
path: /opt/CAPEv2/storage/binaries/74786b31012fc87e502acccb3e33629a53a8d9ce1e3f41e693272026a9f78501
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2091-04-10 09:12:48

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: Windows Security Services
FileVersion: 1.0.0.9
InternalName: Stealer.exe
LegalCopyright: Copyright © Microsoft 2019
LegalTrademarks:
OriginalFilename: Stealer.exe
ProductName:
ProductVersion: 1.0.0.9
Assembly Version: 1.0.0.9

MSILHeracles.31987 also known as:

Bkav: W32.AIDetectNet.01
MicroWorld-eScan: Gen:Variant.MSILHeracles.31987
FireEye: Generic.mg.01fcbfca263b93cd
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
ALYac: Gen:Variant.MSILHeracles.31987
K7AntiVirus: Password-Stealer ( 0057dc991 )
K7GW: Password-Stealer ( 0057dc991 )
Cybereason: malicious.25262b
Arcabit: Trojan.MSILHeracles.D7CF3
Cyren: W32/MSIL_Kryptik.HBH.gen!Eldorado
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Spy.Agent.CVT
APEX: Malicious
ClamAV: Win.Trojan.PasswordStealer-9942284-0
Kaspersky: HEUR:Trojan-Spy.MSIL.Stealer.gen
BitDefender: Gen:Variant.MSILHeracles.31987
Avast: Win32:SpywareX-gen [Trj]
Ad-Aware: Gen:Variant.MSILHeracles.31987
McAfee-GW-Edition: Trojan-FRAX!01FCBFCA263B
Emsisoft: Gen:Variant.MSILHeracles.31987 (B)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1203035
Microsoft: Trojan:Win32/Sabsik.TE.B!ml
GData: Gen:Variant.MSILHeracles.31987
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.FRAX.C5124692
McAfee: Trojan-FRAX!01FCBFCA263B
MAX: malware (ai score=80)
Malwarebytes: Spyware.PasswordStealer
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.CVT!tr.spy
BitDefenderTheta: Gen:NN.ZemsilF.34666.Nm0@aqCVfdm
AVG: Win32:SpywareX-gen [Trj]
CrowdStrike: win/malicious_confidence_60% (D)

How to remove MSILHeracles.31987?

MSILHeracles.31987 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
