
MSILPerseus.151363 malicious file


MSILPerseus.151363 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSILPerseus.151363 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • At least one process apparently crashed during execution
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • .NET file is packed/obfuscated with Confuser
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Appears to use command line obfuscation
  • Uses suspicious command line tools or Windows utilities

How to identify MSILPerseus.151363?


File Info:

name: 1315DE7943992F82DFF0.mlw
path: /opt/CAPEv2/storage/binaries/cc9a3f47d000bc4f352cee0e8e58ae6dd7ae370d3c9154fe1606d8b8deda7e03
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2015-11-19 18:07:26

Version Info:

Translation: 0x0000 0x04b0
FileDescription: MasterAgent
FileVersion: 1.0.0.0
InternalName: runner.exe
LegalCopyright: Copyright © 2015
OriginalFilename: runner.exe
ProductName: MasterAgent
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSILPerseus.151363 also known as:

Lionic: Trojan.Win32.Generic.4!c
DrWeb: Trojan.DownLoader17.56567
MicroWorld-eScan: Gen:Variant.MSILPerseus.151363
FireEye: Generic.mg.1315de7943992f82
ALYac: Gen:Variant.MSILPerseus.151363
Cylance: Unsafe
Zillya: Adware.Amonetize.Win32.16402
Sangfor: Suspicious.MSIL.Confuser.mt
K7AntiVirus: Trojan ( 700000121 )
Alibaba: Trojan:MSIL/Generic.c2a5da22
K7GW: Trojan ( 700000121 )
CrowdStrike: win/malicious_confidence_80% (W)
BitDefenderTheta: Gen:NN.ZemsilF.34062.bm0@aGOvRdl
Symantec: Trojan Horse
ESET-NOD32: a variant of MSIL/Small.ER
Paloalto: generic.ml
BitDefender: Gen:Variant.MSILPerseus.151363
NANO-Antivirus: Trojan.Win32.Dwn.ecymne
Avast: Win32:Rootkit-gen [Rtk]
Ad-Aware: Gen:Variant.MSILPerseus.151363
Emsisoft: Gen:Variant.MSILPerseus.151363 (B)
Comodo: Malware@#v0zb976w7rub
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Artemis!Trojan
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.MSILPerseus.151363
Webroot: W32.Adware.Gen
Avira: TR/Small.ocnco
MAX: malware (ai score=81)
Antiy-AVL: Trojan/Generic.ASMalwS.17C7304
Microsoft: Backdoor:Win32/Bladabindi!ml
Cynet: Malicious (score: 99)
McAfee: Artemis!1315DE794399
APEX: Malicious
Yandex: Trojan.DownLoader!ATjzAEMn1P8
MaxSecure: Trojan.Malware.105921610.susgen
AVG: Win32:Rootkit-gen [Rtk]
Cybereason: malicious.943992
Panda: Trj/CI.A

How to remove MSILPerseus.151363?

MSILPerseus.151363 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
