MSILPerseus.175561 information

The MSILPerseus.175561 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSILPerseus.175561 virus can do?

Dynamic (imported) function loading detected
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine MSILPerseus.175561?


File Info:
name: CFA86C868DB74B8A2025.mlw
path: /opt/CAPEv2/storage/binaries/24939630eedf38a9e30d06029f2e2a5f44ad3bae3bbc97924a19c45b42494f81
crc32: 5609F666
md5: cfa86c868db74b8a2025ce2450109cd5
sha1: a4aa417a1a6e9d86e174c6a817165ded38036fa5
sha256: 24939630eedf38a9e30d06029f2e2a5f44ad3bae3bbc97924a19c45b42494f81
sha512: 23d7c413349a79f068c3326e1967dbf167c445386bf39675906a7a3797333465a9fa49004110abc275f5c787ea528c42a57a575009f2ddf5ec3c9d544dc07c4b
ssdeep: 24576:kFsGk0Jz1j6SrmMVOgCHTv9kogBI9EAc:/Gk0JpW4mMVODyogBUr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FA25AD3179790963E53C82F160AB6C9927F915BF018ED1CE0E8232DE54E5F819983F9B
sha3_384: e295228ac05b45b690855a0aab6872ea2b57d5904427b769c8a4e2a338cb184b035e56f0d6e067a6e02389563e5a1eaf
ep_bytes: ff250020400000000000000000000000
timestamp: 2045-08-02 15:48:09

Version Info:
Translation: 0x0000 0x04b0
Comments: 
CompanyName: Microsoft
FileDescription: Fraps
FileVersion: 1.0.0.0
InternalName: Orion.exe
LegalCopyright: Copyright © Microsoft 2018
LegalTrademarks: 
OriginalFilename: Orion.exe
ProductName: Fraps
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSILPerseus.175561 also known as:

Lionic	Trojan.Win32.Bobik.l!c
MicroWorld-eScan	Gen:Variant.MSILPerseus.175561
FireEye	Gen:Variant.MSILPerseus.175561
ALYac	Gen:Variant.MSILPerseus.175561
Zillya	Trojan.Bobik.Win32.3600
K7AntiVirus	Unwanted-Program ( 00568e2f1 )
K7GW	Unwanted-Program ( 00568e2f1 )
Cybereason	malicious.68db74
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/GameHack.BEF potentially unsafe
Kaspersky	Trojan-Spy.Win32.Bobik.iux
BitDefender	Gen:Variant.MSILPerseus.175561
Avast	FileRepMalware
Ad-Aware	Gen:Variant.MSILPerseus.175561
Emsisoft	Gen:Variant.MSILPerseus.175561 (B)
TrendMicro	TROJ_GEN.R002C0PL321
McAfee-GW-Edition	BehavesLike.Win32.Packed.tc
Sophos	Generic PUA KE (PUA)
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.MSILPerseus.175561
Jiangmin	TrojanSpy.Bobik.xn
Avira	TR/Spy.Bobik.romlb
Arcabit	Trojan.MSILPerseus.D2ADC9
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
McAfee	GenericRXHR-GH!CFA86C868DB7
MAX	malware (ai score=86)
Malwarebytes	Malware.AI.1053841195
TrendMicro-HouseCall	TROJ_GEN.R002C0PL321
Fortinet	Adware/GameHack
AVG	FileRepMalware
Panda	Trj/GdSda.A

How to remove MSILPerseus.175561?

MSILPerseus.175561 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X