What is “MSILHeracles.5742”?

MSILHeracles.5742 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the MSILHeracles.5742 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify MSILHeracles.5742?


File Info:

name: AEF9AFF2BA9F70D951F8.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-11-24 07:02:28

Version Info:

Translation: 0x0000 0x04b0
Comments: VLC media player
CompanyName: VLC media player
FileDescription: VLC media player
FileVersion: 3.0.3.0
InternalName: d.exe
LegalCopyright: Copyright © 1996-2018 VideoLAN and VLC Author
LegalTrademarks: VLC media player, VideoLAN and x264 are registered trademarks from VideoLAN
OriginalFilename: d.exe
ProductName: VLC media player
ProductVersion: 3.0.3.0
Assembly Version: 3.0.3.0

MSILHeracles.5742 is also known as:

Lionic: Trojan.MSIL.ClipBanker.7!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.MSILHeracles.5742
FireEye: Generic.mg.aef9aff2ba9f70d9
McAfee: Artemis!AEF9AFF2BA9F
Cylance: Unsafe
Zillya: Trojan.ClipBanker.Win32.5968
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanBanker:MSIL/ClipBanker.6713fac4
K7GW: Trojan ( 0056a61a1 )
K7AntiVirus: Trojan ( 0056a61a1 )
BitDefenderTheta: Gen:NN.ZemsilF.34182.gq0@a4clvNh
Cyren: W32/MSIL_Kryptik.AQX.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/ClipBanker.PP
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-Banker.MSIL.ClipBanker.gen
BitDefender: Gen:Variant.MSILHeracles.5742
NANO-Antivirus: Trojan.Win32.ClipBanker.idgsxb
Tencent: Msil.Trojan-banker.Clipbanker.Lsmb
Ad-Aware: Gen:Variant.MSILHeracles.5742
Emsisoft: Gen:Variant.MSILHeracles.5742 (B)
Comodo: Malware@#o0mn5sg9srfy
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.AgentTesla.cm
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.ClipBanker
GData: Gen:Variant.MSILHeracles.5742
Jiangmin: Trojan.Banker.MSIL.dgi
Avira: HEUR/AGEN.1140260
Microsoft: Trojan:Win32/Ymacco.AAF0
Cynet: Malicious (score: 99)
AhnLab-V3: Malware/Win32.RL_Generic.C4212501
ALYac: Gen:Variant.MSILHeracles.5742
MAX: malware (ai score=82)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Trojan.MalPack.MSIL
Panda: Trj/GdSda.A
Rising: Trojan.Generic/MSIL@AI.94 (RDM.MSIL:oDJ7dzIQJPNOja9Ej0VL1g)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.73489558.susgen
Fortinet: MSIL/ClipBanker.PP!tr
AVG: Win32:Trojan-gen
Cybereason: malicious.2ba9f7
Avast: Win32:Trojan-gen

How to remove MSILHeracles.5742?

MSILHeracles.5742 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
