
MSILPerseus.104124 removal instructions


MSILPerseus.104124 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSILPerseus.104124 virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify MSILPerseus.104124?


File Info:

name: 411F1201D75977ADDC66.mlw
path: /opt/CAPEv2/storage/binaries/df01c33f9913ac84ee2417d60ffc1704c09a106c31d66cbc1263facab044b8cb
crc32: EBA6994D
md5: 411f1201d75977addc66bd31eb5b0af9
sha1: c517a556e1e4f83632a4b748e7a37753c58d793b
sha256: df01c33f9913ac84ee2417d60ffc1704c09a106c31d66cbc1263facab044b8cb
sha512: 405e183c1e031e3abff9d430456c61e91c61214ce1e158d14a6547ab6413f3f0e21331ea9b513319f10bdf3e0f6a756f7a439ad7ed4e98755e3e391b58a06230
ssdeep: 196608:hF1+vqtKDF1+vqtKNuXF1+vqtK7i82RkW9hF1+vqtKHu:h9KD9Kq9K7iTZ9KHu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T155E61213760CE1A3C60E0176E567C8FD51701E79D6E6760B30EA7E3F7AB6242980E64E
sha3_384: 527989b5488edc5ce2c525c7eb2d012f868965572972b278fd901e17c00a81782670a6aefe27cf84b9bbc9c822391e37
ep_bytes: ff250020400000000000000000000000
timestamp: 2017-01-13 08:34:22

Version Info:

Translation: 0x0000 0x04b0
FileDescription: Overwatch InstallShield Wizard
FileVersion: 1.0.0.0
InternalName: Overwatch InstallShield Wizard.exe
LegalCopyright: Copyright © 2016
OriginalFilename: Overwatch InstallShield Wizard.exe
ProductName: Overwatch InstallShield Wizard
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSILPerseus.104124 also known as:

Vendor                 Detection
Lionic                 Trojan.Win32.Perseus.4!c
MicroWorld-eScan       Gen:Variant.MSILPerseus.104124
FireEye                Gen:Variant.MSILPerseus.104124
McAfee                 Artemis!411F1201D759
Alibaba                Trojan:MSIL/Surveyer.46b87cec
Symantec               ML.Attribute.HighConfidence
ESET-NOD32             a variant of MSIL/Surveyer.EY
APEX                   Malicious
BitDefender            Gen:Variant.MSILPerseus.104124
Ad-Aware               Gen:Variant.MSILPerseus.104124
Emsisoft               Gen:Variant.MSILPerseus.104124 (B)
McAfee-GW-Edition      Artemis
Sophos                 Mal/Generic-S
SentinelOne            Static AI – Suspicious PE
GData                  Gen:Variant.MSILPerseus.104124
Avira                  HEUR/AGEN.1109666
Arcabit                Trojan.MSILPerseus.D196BC
Microsoft              Trojan:Win32/Wacatac.B!ml
BitDefenderTheta       Gen:NN.ZemsilF.34062.@t0@amREsIo
ALYac                  Gen:Variant.MSILPerseus.104124
MAX                    malware (ai score=85)
VBA32                  TScope.Trojan.MSIL
TrendMicro-HouseCall   TROJ_GEN.R002H09KU21
eGambit                Unsafe.AI_Score_90%
Cybereason             malicious.1d7597

How to remove MSILPerseus.104124?

MSILPerseus.104124 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
