About “MSILPerseus.136591 (B)” infection

The MSILPerseus.136591 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSILPerseus.136591 (B) virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine MSILPerseus.136591 (B)?


File Info:
name: 3867855C802286E776ED.mlw
path: /opt/CAPEv2/storage/binaries/cfa11f642f85a9ffb8dd4ed15f95271e3213e7632f3cbf313134f1981dfc150b
crc32: E288322D
md5: 3867855c802286e776edf523a774ff64
sha1: 7560ccd032fadf810f1eec7d7982f792cccf3b3a
sha256: cfa11f642f85a9ffb8dd4ed15f95271e3213e7632f3cbf313134f1981dfc150b
sha512: 1ce594cf5835b320f95b767ab183b5928cee61b2ca3963b80280e8b346dae19868f9ebb011204a967d3d7183c7808fa0c482650297a3701e483f15fae4af9e8f
ssdeep: 1536:pry6ibySz5rPbhCpfyou7DoDtbRnQ3csqwfVQ5QnmY1xspqKm1:PSlIpfyjgxbRnQsWVMQ3xnz
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T181A3F717F3E88511D1BFAB7664B140018AB2B4476835CE4E3CDB84CA5FE6B806B62F57
sha3_384: 5107f106db086b65c302a8a525c2543d9a5482010b7653453c9beda11ce6e68c0916fec8381d3508d2506dc544d9c561
ep_bytes: ff250020400000000000090807060500
timestamp: 2099-09-01 03:51:28

Version Info:
Translation: 0x0000 0x04b0
Comments: Spoofer Working On Many Game In PC
CompanyName: Scaratchy Developer 2017-2022 ©
FileDescription: Loader
FileVersion: 1.0.0.0
InternalName: Loader.exe
LegalCopyright: Copyright ©  2017-2022
LegalTrademarks: 
OriginalFilename: Loader.exe
ProductName: Loader
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSILPerseus.136591 (B) also known as:

Lionic	Trojan.Win32.Disco.4!c
MicroWorld-eScan	Gen:Variant.MSILPerseus.136591
FireEye	Generic.mg.3867855c802286e7
ALYac	Gen:Variant.MSILPerseus.136591
Malwarebytes	Generic.Trojan.Downloader.DDS
VIPRE	Gen:Variant.MSILPerseus.136591
Sangfor	PUP.Win32.Disco.V3yi
K7AntiVirus	Riskware ( 0058ddc81 )
Alibaba	TrojanPSW:MSIL/Disco.2555a5c8
K7GW	Riskware ( 0058ddc81 )
CrowdStrike	win/malicious_confidence_70% (W)
BitDefenderTheta	Gen:NN.ZemsilF.36196.gm0@aaquHFm
Cyren	W32/MSIL_Agent.CDJ.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/RiskWare.HackTool.Agent_AGen.B
APEX	Malicious
Kaspersky	HEUR:Trojan-PSW.MSIL.Disco.gen
BitDefender	Gen:Variant.MSILPerseus.136591
Avast	Win32:Malware-gen
Tencent	Msil.Trojan-QQPass.QQRob.Ocnw
Emsisoft	Gen:Variant.MSILPerseus.136591 (B)
McAfee-GW-Edition	PUP-XTN-VN
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
GData	Gen:Variant.MSILPerseus.136591
Antiy-AVL	Trojan[PSW]/MSIL.Disco
Arcabit	Trojan.MSILPerseus.D2158F
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Disco.gen
Microsoft	Program:Win32/Uwamson.A!ml
Google	Detected
AhnLab-V3	Malware/Win.Generic.C5049831
Acronis	suspicious
McAfee	PUP-XTN-VN
MAX	malware (ai score=87)
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H06E823
Rising	Stealer.Disco!8.1326E (CLOUD)
Ikarus	Trojan.Win64.Agent
Fortinet	Riskware/HackTool_Agent_AGen
AVG	Win32:Malware-gen
Cybereason	malicious.c80228
DeepInstinct	MALICIOUS

How to remove MSILPerseus.136591 (B)?

MSILPerseus.136591 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X