Mal/EncPk-BQ (file analysis)

The Mal/EncPk-BQ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Mal/EncPk-BQ virus can do?

Sample contains Overlay data
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Mal/EncPk-BQ?


File Info:
name: D1A7237C7695E774E6E9.mlw
path: /opt/CAPEv2/storage/binaries/bee01eb99dcaeeb6fd26fadc3ca6d904c1b3e6d5c2d3e5c240e70dab58ea754f
crc32: E54E3ABD
md5: d1a7237c7695e774e6e9247749e58405
sha1: b7533be682c152678906908e6b4fbb4d1ebd2fa2
sha256: bee01eb99dcaeeb6fd26fadc3ca6d904c1b3e6d5c2d3e5c240e70dab58ea754f
sha512: a0190655962098a43be7957e3d1ab6a188639011b77e909aa2f95c39fa8b58a37793458d1469011cab2eadfecae942630e2344bb7a7231865bd06d021a62ae46
ssdeep: 24576:2GYvGsUH8spk563jwEKJaj9MTo5BUw1eX+xLD4ePQrSX:Q+sI8q3jZU49MTmz1DRYrSX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D66512A5BB988530F2C5AA335097CED58DA88638D24D2D1A4153062ECCFE2D7BC5F47E
sha3_384: dbab7cc2b1b0113608ae07706831772bb577aeb0d2215fc744004ed1d193a2d39928f4f18903e146942f65510e9d2ef8
ep_bytes: b85d5760f08d889e1200108941018b54
timestamp: 2009-05-06 02:21:07

Version Info:
FileDescription: Uninstall Visualizador 6.1.8
OriginalFilename: uninstall.exe
: 
Translation: 0x0409 0x04b0

Mal/EncPk-BQ also known as:

Lionic	Trojan.Win32.Agent.lrr0
MicroWorld-eScan	Trojan.GenericKD.36237025
FireEye	Trojan.GenericKD.36237025
McAfee	Artemis!D1A7237C7695
Malwarebytes	Malware.Heuristic.1003
Zillya	Trojan.Kryptik.Win32.1218641
Sangfor	Trojan.Win32.Skeeyah.A
K7AntiVirus	Trojan ( 0020f4671 )
Alibaba	Trojan:Win32/Kryptik.6c89cd0c
K7GW	Trojan ( 0020f4671 )
Cybereason	malicious.c7695e
Cyren	W32/SuspPack.DO.gen!Eldorado
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Kryptik.TG
APEX	Malicious
Paloalto	generic.ml
BitDefender	Trojan.GenericKD.36237025
Avast	Win32:Evo-gen [Trj]
Tencent	Packed.Win32.Crashcompact.a
Emsisoft	Trojan.GenericKD.36237025 (B)
F-Secure	Trojan.TR/Crypt.PEPM.Gen
VIPRE	Trojan.GenericKD.36237025
McAfee-GW-Edition	BehavesLike.Win32.Trojan.tc
Sophos	Mal/EncPk-BQ
GData	Trojan.GenericKD.36237025
Jiangmin	Packed.Multi.dvo
Google	Detected
Avira	TR/Crypt.PEPM.Gen
Antiy-AVL	Trojan/Win32.SGeneric
Xcitium	TrojWare.Win32.Kryptik.~NTG@1pel9l
Arcabit	Trojan.Generic.D228EEE1
Microsoft	Trojan:Win32/Skeeyah.A!rfn
Cynet	Malicious (score: 99)
AhnLab-V3	Malware/Win32.RL_Generic.R287565
BitDefenderTheta	Gen:NN.ZexaF.36196.Dj3faeDO2nhi
ALYac	Trojan.GenericKD.36237025
Cylance	unsafe
Rising	Trojan.Tiggre!8.ED98 (CLOUD)
Yandex	Trojan.Kryptik!JNZ13IB3Glk
Ikarus	Trojan.Win32.Crypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Kryptik.TG!tr
AVG	Win32:Evo-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_90% (W)

How to remove Mal/EncPk-BQ?

Mal/EncPk-BQ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X