What is “MSILPerseus.156097”?

MSILPerseus.156097 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSILPerseus.156097 virus do?

  • Creates RWX memory
  • Drops a binary and executes it
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself

How to identify MSILPerseus.156097?


File Info:

type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Ahmed_Atef (repeated)
Assembly Version: 9999.9999.9999.9999
InternalName: Ahmed_Atef.exe
FileVersion: 9999.9999.99.999
CompanyName: Ahmed_Atef (repeated)
LegalTrademarks: Ahmed_Atef (repeated)
Comments: Ahmed_Atef (repeated)
ProductName: Ahmed_Atef (repeated)
ProductVersion: 9999.9999.99.999
FileDescription: Ahmed_Atef (repeated)
OriginalFilename: Ahmed_Atef.exe

MSILPerseus.156097 also known as:


How to remove MSILPerseus.156097?

MSILPerseus.156097 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.