Mal/DocDl-K removal tips

Mal/DocDl-K is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Mal/DocDl-K virus do?

  • The office file contains 2 macros
  • The office file contains a macro with auto execution
  • The office file contains anomalous features
  • The office file contains a macro with suspicious strings

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Mal/DocDl-K?


File Info:

crc32: 8F058753
md5: 4c39d30e11fa55de535d37d2dcf92ab1
name: upload_file
sha1: ffe7379c3f3c13e1ac643725d9f3b22381a50165
sha256: 0db37b9a102b97c13139d74b6555d4a0211f22ce3bda3c2e2b7f667dc5aa5266
sha512: c2e137cd90f825d3e59c47146058931aff1f80c4013d3494a6b5f22262a0a74f07c3af92f83cc5ae30b238897c20a21605fcb05ca73b5f6a626c9602aa843fc1
ssdeep: 3072:lj6yw1MgpQiBhGWb6esLbTh8YuyDRBFtdfGkt46w3MR4Ht+:lHgtEWPsL/aTyT9Gkt46w3MRat+
type: Composite Document File V2 Document, Little Endian, Os: Windows, Version 6.2, Code page: 1252, Title: Sed., Author: Lou Henry, Template: Normal.dotm, Revision Number: 1, Name of Creating Application: Microsoft Office Word, Create Time/Date: Wed Aug 12 07:17:00 2020, Last Saved Time/Date: Wed Aug 12 07:17:00 2020, Number of Pages: 1, Number of Words: 3, Number of Characters: 23, Security: 0

Version Info:

0: [No Data]

Mal/DocDl-K also known as:

Elastic               malicious (high confidence)
MicroWorld-eScan      VBA:Logan.857
FireEye               VBA:Logan.857
CAT-QuickHeal         W97M.Emotet.38757
McAfee                RDN/EmotetDoc
Sangfor               Malware
K7AntiVirus           Trojan ( 0056c3f41 )
K7GW                  Trojan ( 0056c3f41 )
Symantec              W97M.Downloader
TrendMicro-HouseCall  Trojan.W97M.POWLOAD.EMI
Kaspersky             HEUR:Trojan.MSOffice.SAgent.gen
BitDefender           VBA:Logan.857
ViRobot               DOC.Z.Agent.235081
AegisLab              Trojan.MSWord.Generic.4!c
Rising                Trojan.Obfus/VBA!1.C95A (CLASSIC)
Ad-Aware              VBA:Logan.857
Comodo                TrojWare.Win32.Agent.oewku@0
F-Secure              Malware.VBA/Dldr.Agent.xjuxt
VIPRE                 LooksLike.Macro.Malware.d (v)
TrendMicro            Trojan.W97M.POWLOAD.EMI
Fortinet              VBA/Agent.BIP!tr.dldr
Sophos                Mal/DocDl-K
Cyren                 W97M/Downldr.IE.gen!Eldorado
Avira                 VBA/Dldr.Agent.xjuxt
Antiy-AVL             Trojan[Downloader]/MSOffice.Agent.uay
Arcabit               VBA:Logan.857
Microsoft             TrojanDownloader:O97M/Emotet.CSK!MTB
Cynet                 Malicious (score: 85)
AhnLab-V3             Downloader/DOC.Emotet.S1072
ALYac                 Trojan.Downloader.DOC.Gen
TACHYON               Suspicious/W97M.Obfus.Gen.1
Zoner                 Probably Heur.W97Obfuscated
ESET-NOD32            VBA/TrojanDownloader.Agent.UAY
Tencent               Heur.Macro.Generic.f.43e3f17f
Ikarus                Trojan-Downloader.VBA.Emotet
GData                 VBA:Logan.857
AVG                   Script:SNH-gen [Trj]
Qihoo-360             Generic/Trojan.Script.ed4

How to remove Mal/DocDl-K?

Mal/DocDl-K removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
