How to remove “MSILPerseus.469 (B)”?

MSILPerseus.469 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSILPerseus.469 (B) virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Created a process from a suspicious location
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

How to identify MSILPerseus.469 (B)?


File Info:

name: AD46C594D26F7D78A1DC.mlw
path: /opt/CAPEv2/storage/binaries/e2686339b9d4edb03d46e4bbe2a00a735d4a03f2ebf3422c43f79d60d0d5096a
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2015-10-27 15:54:39

Version Info:

Translation: 0x0000 0x04b0
FileDescription: ukranii
FileVersion: 1.0.0.0
InternalName: king targets.exe
LegalCopyright: Copyright © 2015
OriginalFilename: king targets.exe
ProductName: ukranii
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSILPerseus.469 (B) also known as:

Lionic: Trojan.Win32.FrauDrop.b!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
FireEye: Generic.mg.ad46c594d26f7d78
McAfee: Artemis!AD46C594D26F
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 0055e3981 )
K7AntiVirus: Trojan ( 0055e3981 )
VirIT: Trojan.Win32.Atros2.ATHA
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.BGL
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Dropper.Win32.FrauDrop.akfih
BitDefender: Gen:Variant.MSILPerseus.469
NANO-Antivirus: Trojan.Win32.Kryptik.dyghsb
MicroWorld-eScan: Gen:Variant.MSILPerseus.469
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.114c7592
Ad-Aware: Gen:Variant.MSILPerseus.469
Emsisoft: Gen:Variant.MSILPerseus.469 (B)
Comodo: Malware@#2iqfbu9emuyed
DrWeb: BackDoor.Bladabindi.892
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Crypt
Avira: TR/Dropper.MSIL.Gen
Antiy-AVL: Trojan[Dropper]/Win32.FrauDrop
Microsoft: Backdoor:MSIL/Bladabindi
Arcabit: Trojan.MSILPerseus.469
ZoneAlarm: Trojan-Dropper.Win32.FrauDrop.akfih
GData: Gen:Variant.MSILPerseus.469
AhnLab-V3: Win-Trojan/MSILKrypt09.Exp
BitDefenderTheta: Gen:NN.ZemsilF.34182.dq0@aG4@isd
ALYac: Gen:Variant.MSILPerseus.469
MAX: malware (ai score=83)
Rising: Malware.Obfus/MSIL@AI.93 (RDM.MSIL:GQFv6smQupP+E6R4MQfGEQ)
Yandex: Trojan.DR.FrauDrop!cEbUJHWE9EI
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_100%
Fortinet: MSIL/Kryptik.BGL!tr
AVG: Win32:Malware-gen
Cybereason: malicious.4d26f7
Panda: Trj/CI.A
MaxSecure: Trojan.Malware.300983.susgen

How to remove MSILPerseus.469 (B)?

MSILPerseus.469 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
