Mal/EncPk-CA removal instructions

Many security experts consider Mal/EncPk-CA dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Mal/EncPk-CA virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • The executable is likely packed with VMProtect
  • Network activity detected but not expressed in API logs

How to identify Mal/EncPk-CA?


File Info:

crc32: 5622D2EE
md5: bcea095084c1c82b582c546896690902
name: BCEA095084C1C82B582C546896690902.mlw
sha1: ffeeb96cb2b3b62fc6ce4d15bf8a7d19e26725ca
sha256: db5c41e82469ba2d62ce2cb5f80f9cb4ecd66f6cdd267230944bfc37fcd3ad85
sha512: b7567c996cfd33500d16995acc93ea0364bc3928032dc491943e55a7a19acf640bd18ef0339d82e27986ca2f3829067bec3b71435c76f504fbd57fbc906ca69b
ssdeep: 6144:XZNL1WhOrdIrZl13N3lQLMupH7GiyEwyM:XLLA46rZ3N1OMIpa
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: 版权所有(C) 2020
InternalName: loader
FileVersion: 1, 0, 0, 1
CompanyName: yida
PrivateBuild:
LegalTrademarks:
Comments:
ProductName: yida loader
SpecialBuild:
ProductVersion: 1, 0, 0, 1
FileDescription: loader
OriginalFilename: loader.dat
Translation: 0x0804 0x04b0

Mal/EncPk-CA is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Riskware ( 00584baa1 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_60% (W)
K7GW: Riskware ( 00584baa1 )
Cybereason: malicious.cb2b3b
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: FileRepMetagen [Malware]
Sophos: Mal/EncPk-CA
Comodo: Packed.Win32.MUPX.Gen@24tbus
BitDefenderTheta: Gen:NN.ZexaF.34170.oy0@amfZYHlj
McAfee-GW-Edition: BehavesLike.Win32.Trojan.dc
FireEye: Generic.mg.bcea095084c1c82b
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1100307
Microsoft: Trojan:Win32/Farfli.DSK!MTB
McAfee: Artemis!BCEA095084C1
Rising: Trojan.Generic@ML.93 (RDML:lFcVz4HfOusESTqArs4feg)
Fortinet: W32/PossibleThreat
AVG: FileRepMetagen [Malware]

How to remove Mal/EncPk-CA?

Mal/EncPk-CA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.