About “Trojan.Msilperseus” infection

Trojan.Msilperseus is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Msilperseus virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • A process created a hidden window
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Looks up the external IP address
  • Attempts to remove evidence of file being downloaded from the Internet
  • Executed a process and injected code into it, probably while unpacking
  • Exhibits behavior characteristic of iSpy Keylogger
  • Installs itself for autorun at Windows startup
  • Stores JavaScript or a script command in the registry, likely for persistence or configuration
  • Creates a hidden or system file
  • Checks the version of Bios, possibly for anti-virtualization
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Creates a copy of itself
  • Collects information to fingerprint the system

Related domains:

bot.whatismyipaddress.com

How to identify Trojan.Msilperseus?


File Info:

crc32: 874F529B
md5: e7b08fcae6df3fd74d5002568602dcc8
name: oyoyo11.exe
sha1: 2d9b2af7baf1a4b43c2761d73aa71a3a0f9b538e
sha256: 8f47f3e72baad600c4f9a4ea3f632a68f2f8ec0e562799b72ee73447ec01b17d
sha512: 8ba9f4ddd1baf5e8569a7e72e993b6935faffdffe7737d08711ca47154a5e44903ef032a0e7e5dcdce22c59e153962d0f645af014f1a1cbf18dd3864f0bac5d0
ssdeep: 12288:9QtjWUh3QI014fN3iO95rBmWyOM2/79jyB:9QtqU9dPF9+5O/9u
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright ProbeSimul 2019
Assembly Version: 1.0.0.0
InternalName: ProbeSimul.exe
FileVersion: 1.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName: ProbeSimul
ProductVersion: 1.0.0.0
FileDescription: ProbeSimul
OriginalFilename: ProbeSimul.exe

Trojan.Msilperseus is also known as:

DrWeb: Trojan.Packed2.42142
MicroWorld-eScan: Gen:Variant.MSILPerseus.202733
FireEye: Generic.mg.e7b08fcae6df3fd7
CAT-QuickHeal: Trojan.Msilperseus
McAfee: GenericRXJE-VD!E7B08FCAE6DF
AegisLab: Trojan.Win32.Generic.4!c
Sangfor: Malware
K7AntiVirus: Trojan ( 005452d01 )
BitDefender: Gen:Variant.MSILPerseus.202733
K7GW: Trojan ( 005452d01 )
Cybereason: malicious.7baf1a
BitDefenderTheta: Gen:NN.ZemsilF.32515.Gm0@aaDTU@k
Symantec: Trojan Horse
APEX: Malicious
Avast: Win32:CrypterX-gen [Trj]
GData: Gen:Variant.MSILPerseus.202733
Kaspersky: HEUR:Trojan.MSIL.Cryptos.gen
Alibaba: Trojan:Win32/Starter.ali2000005
ViRobot: Trojan.Win32.Z.Kryptik.532992.U
Rising: Trojan.Kryptik!8.8 (TFE:C:j57A9T5HLS)
Ad-Aware: Gen:Variant.MSILPerseus.202733
Sophos: Troj/MSIL-NFP
Comodo: Malware@#1y4c5wt9l3tr0
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Generic.hc
Trapmine: malicious.moderate.ml.score
Ikarus: Trojan.MSIL.Crypt
Cyren: W32/Trojan.KAHZ-3024
Jiangmin: Trojan.MSIL.nnhf
Webroot: W32.Trojan.Gen
Avira: TR/Kryptik.upelb
Endgame: malicious (moderate confidence)
Arcabit: Trojan.MSILPerseus.D317ED
ZoneAlarm: HEUR:Trojan.MSIL.Cryptos.gen
Microsoft: Trojan:Win32/Occamy.C
AhnLab-V3: Malware/Win32.RL_Generic.C3594292
Acronis: suspicious
ALYac: Trojan.Agent.HawkEye
MAX: malware (ai score=82)
Malwarebytes: Trojan.PCrypt.MSIL.Generic
Panda: Trj/GdSda.A
ESET-NOD32: a variant of MSIL/Kryptik.QME
TrendMicro-HouseCall: TROJ_GEN.R020C0WKQ19
SentinelOne: DFI – Suspicious PE
Fortinet: MSIL/Kryptik.QME!tr
AVG: Win32:CrypterX-gen [Trj]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (W)
Qihoo-360: Win32/Trojan.cfe

How to remove Trojan.Msilperseus?

Trojan.Msilperseus removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
