Malware

GenPack:Win32.Rungbu.A removal instruction

Malware Removal

The GenPack:Win32.Rungbu.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What GenPack:Win32.Rungbu.A virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Executes the printer spooler process
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent file extensions from being displayed
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to determine GenPack:Win32.Rungbu.A?



File Info:

name: 307CD64584513D4BC6B3.mlw
path: /opt/CAPEv2/storage/binaries/1d520e19a4cb544f356d3a1af555b49b3a5e924aad3a60e158efd143af4e7807
crc32: 09B4F1CE
md5: 307cd64584513d4bc6b31e7fd560eba3
sha1: 1a2b77a4b85ef4654b5af3575f7e69f10ea5f97a
sha256: 1d520e19a4cb544f356d3a1af555b49b3a5e924aad3a60e158efd143af4e7807
sha512: 17e9be2ba0b80487b818b6fa5ccb40410f43fa95d366e54ebd85ac886ecdf2078237e9e04c157a70c6c2c568b4d1ef295e68279bc4b2dc0741d28382fc5d6967
ssdeep: 768:nnz0/XBwayCUOwV3TNZHdrPeqzEWvpbPwSMX6+w6pqZxLdeVgol9D8888888888O:nzOCay4wV339rPjzbpLwRJ9pSdoIL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11623E1409FECBD39E8C3297988B54D135B35EA17D06AC357A0E071CD99B594398373A3
sha3_384: 146de58066081cb265f545f065066462d1f87b14ab60a533eafcd5def6f6d605f0bad0f8144bab796ebafc1ea0946892
ep_bytes: 9060e803000000e9eb045d4555c3e801
timestamp: 2003-08-06 18:34:23


Version Info:

CompanyName: Microsoft Corporation
FileDescription: Microsoft Office Word
FileVersion: 11.0.5604
InternalName: WinWord
LegalCopyright: Copyright © 1983-2003 Microsoft Corporation.  All rights reserved.
LegalTrademarks1: Microsoft® is a registered trademark of Microsoft Corporation.
LegalTrademarks2: Windows® is a registered trademark of Microsoft Corporation.
OriginalFilename: WinWord.exe
ProductName: Microsoft Office 2003
ProductVersion: 11.0.5604
Translation: 0x0000 0x04e4

GenPack:Win32.Rungbu.A also known as:

BkavW32.AIDetectMalware
LionicVirus.Win32.VB.lfFr
AVGWin32:Malware-gen
Elasticmalicious (high confidence)
MicroWorld-eScanGenPack:Win32.Rungbu.A
FireEyeGeneric.mg.307cd64584513d4b
SkyhighBehavesLike.Win32.Rungbu.ph
McAfeeArtemis!307CD6458451
MalwarebytesGeneric.Malware.AI.DDS
ZillyaWorm.VB.Win32.27450
SangforSuspicious.Win32.Save.ins
K7AntiVirusTrojan ( 004bcce71 )
AlibabaVirus:Win32/Rungbu.277824f4
K7GWP2PWorm ( 004cb5d91 )
BitDefenderThetaAI:Packer.48E7020D1C
VirITWorm.Win32.VB.APQ
SymantecW32.Dizan.D
tehtrisGeneric.Malware
ESET-NOD32Win32/VB.NHV
CynetMalicious (score: 100)
APEXMalicious
Paloaltogeneric.ml
ClamAVWin.Trojan.Agent-33174
KasperskyVirus.Win32.VB.cc
BitDefenderGenPack:Win32.Rungbu.A
NANO-AntivirusVirus.Win32.VB.fggxtd
AvastWin32:Malware-gen
TencentVirus.Win32.Vb.pa
EmsisoftGenPack:Win32.Rungbu.A (B)
F-SecureMalware.W32/VB.CC
DrWebWin32.HLLW.Generic.194
VIPREGenPack:Win32.Rungbu.A
TrendMicroPE_RUNGBU.I-O
Trapminemalicious.high.ml.score
SophosW32/VB-CTQ
IkarusWorm.Win32.VB
JiangminVirus.VB.da
WebrootW32.Rungbu.Gen
VaristW32/Worm.EAEM-2459
AviraW32/VB.CC
Antiy-AVLVirus/Win32.VB.cc
KingsoftWin32.Infected.AutoInfector.a
MicrosoftVirus:Win32/Rungbu.C
XcitiumVirus.Win32.VB.CC0@1n9ls4
ArcabitGenPack:Win32.Rungbu.A
ZoneAlarmVirus.Win32.VB.cc
GDataGenPack:Win32.Rungbu.A
GoogleDetected
AhnLab-V3Worm/Win32.VB.R2327
ALYacGenPack:Win32.Rungbu.A
VBA32Win32.VB
Cylanceunsafe
PandaW32/Rungbu.A.worm
TrendMicro-HouseCallPE_RUNGBU.I-O
RisingMalware.Undefined!8.C (TFE:1:Z2bCuAXOkKC)
YandexWorm.Rungbu.B
MAXmalware (ai score=100)
FortinetW32/Generic.AC.1A956A!tr
DeepInstinctMALICIOUS
alibabacloudWorm

How to remove GenPack:Win32.Rungbu.A?

GenPack:Win32.Rungbu.A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment