Generik.IKLVWHW (file analysis)

Malware Removal

Generik.IKLVWHW is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What Generik.IKLVWHW virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid

How to identify Generik.IKLVWHW?

File Info:

name: E96787B713077FD4F4FF.mlw
path: /opt/CAPEv2/storage/binaries/c238f23084a286ddd38e07c14ec65fb97b15627a77c93dfbb6faa2cea58c83bf
crc32: 94D46248
md5: e96787b713077fd4f4fffd0454fe830c
sha1: 239c2141f8e4d2024920da4799eb8414fc1f80f1
sha256: c238f23084a286ddd38e07c14ec65fb97b15627a77c93dfbb6faa2cea58c83bf
sha512: c5ca8ea9cbcc49335796af0ac8a6ce22c979e0296312f66593f52a3cf5178521ac535f369a583c1ed103b7bb03160134def001f9617bae45e6981dedde4e21f3
ssdeep: 12288:nBgD4g7LePqEicTarFxIk+txcR9RCpviAzmk8clPhi+JXx1b9NZdOmg:nBgBeKc3SRaqcRpx1b9NX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T149B54B169C09AC33EB04043019355BA606D9ADA53554B123B9CFFBAF5ABDBD700DFE0A
sha3_384: d0c10e6427b978e5a897966229cc786d7768baaeeae48c0531db2853c9ecf2667dd47a0116773138b2d959a65a4b4237
ep_bytes: 6850214000e8eeffffff000000000000
timestamp: 2012-05-04 06:26:26

Version Info:

Translation: 0x0804 0x04b0
Comments: 专为南京富士通计算机设备有限公司DPK系列打印机开发.(Developed for Online_Setup on NFCP DPK Printer).作者:丁 明(Author:DingMing - dingming@fujitsu-nfcp.com)
CompanyName: NFCP
FileDescription: Updated in 2012.5,V1.91.
LegalCopyright: DM
LegalTrademarks: Escon
ProductName: EsconS
FileVersion: 1.91
ProductVersion: 1.91
InternalName: Escon
OriginalFilename: Escon.exe

Generik.IKLVWHW also known as:

Lionic: Trojan.Win32.VBKrypt.4!c
MicroWorld-eScan: Trojan.GenericKD.30396764
FireEye: Trojan.GenericKD.30396764
CAT-QuickHeal: Trojan.VbkryptVMF.S22456593
ALYac: Trojan.GenericKD.30396764
Alibaba: Trojan:Win32/VBKrypt.9c8900dd
Cybereason: malicious.713077
Symantec: Trojan.Gen.MBT
ESET-NOD32: a variant of Generik.IKLVWHW
APEX: Malicious
Kaspersky: Trojan.Win32.VBKrypt.nrif
BitDefender: Trojan.GenericKD.30396764
Avast: Win32:Malware-gen
Ad-Aware: Trojan.GenericKD.30396764
TACHYON: Trojan/W32.VB-VBKrypt.2433024
Sophos: Mal/Generic-S
Emsisoft: Trojan.GenericKD.30396764 (B)
GData: Trojan.GenericKD.30396764
Jiangmin: Trojan.VBKrypt.ettj
Antiy-AVL: Trojan/Generic.ASMalwS.129890A
Kingsoft: Win32.Troj.VBKrypt.nr.(kcloud)
Microsoft: Trojan:Win32/Wacatac.B!ml
McAfee: Artemis!E96787B71307
MAX: malware (ai score=85)
TrendMicro-HouseCall: TROJ_GEN.R002C0WH821
Yandex: Trojan.VBKrypt!YmwtQuL4IBg
Ikarus: Win32.Outbreak
MaxSecure: Trojan.Malware.1728101.susgen
Fortinet: W32/VBKrypt.NRIF!tr
AVG: Win32:Malware-gen
Panda: Trj/Chgt.A

How to remove Generik.IKLVWHW?

Generik.IKLVWHW removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.