About “Mal/EncPk-CE” infection

The Mal/EncPk-CE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Mal/EncPk-CE virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Mal/EncPk-CE?


File Info:
name: 8AEBD8B8372AB7A811B0.mlw
path: /opt/CAPEv2/storage/binaries/d3f2d7bd54a305aba4b4537c2c9feb80c1ccd20d8e795cfdfe77967f2cd5892c
crc32: 99B586C6
md5: 8aebd8b8372ab7a811b0189b6b438725
sha1: 568e2804e276d983c1fb9e6a050eb6e581a9149f
sha256: d3f2d7bd54a305aba4b4537c2c9feb80c1ccd20d8e795cfdfe77967f2cd5892c
sha512: e789af69db744063130b1ac4462da43df0e57c72d381cdf044d748374583afc279fc39b5320c833c7f2d39186ab538c5375b67d709a0e460933af7a0af9738a0
ssdeep: 3072:DHZPCPsvqYHbeJ+vkQ44Ftx4lsnWNj/Ds0oeFcHIXpK:bZHqkbeJ+vRFPmlsnWxw0/H5K
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13EC31290120EA36FD233363E41A3D0958F91833382328D766B6D6EB9BD791FB584C566
sha3_384: 9dd30bd0b0527b524f9893f7ef3fd89ca7502dc8a016e76f230db30b3779678fa3a6a6828ef0a0b08542c4aa39abba20
ep_bytes: 158f0400006083d01ee80000000023c2
timestamp: 1992-06-19 22:22:17

Version Info:
0: [No Data]

Mal/EncPk-CE also known as:

Bkav	W32.AIDetectMalware
Lionic	Hacktool.Win32.Krap.x!c
DrWeb	Trojan.Nsanti.Packed
MicroWorld-eScan	Packer.Malware.NSAnti.1
FireEye	Generic.mg.8aebd8b8372ab7a8
Skyhigh	BehavesLike.Win32.Generic.cc
McAfee	PWS-Gamania.gen.a
Cylance	unsafe
Zillya	Backdoor.Krap.Win32.3508
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (W)
Alibaba	TrojanSpy:Win32/OnLineGames.a8cbd72d
K7GW	Trojan ( 00004eab1 )
K7AntiVirus	Trojan ( 0054b3a81 )
Arcabit	Packer.Malware.NSAnti.1
BitDefenderTheta	AI:Packer.0C62F9921D
Symantec	Trojan.Packed.NsAnti
Elastic	malicious (high confidence)
ESET-NOD32	Win32/Pacex.Gen
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	Packed.Win32.Krap.b
BitDefender	Packer.Malware.NSAnti.1
NANO-Antivirus	Trojan.Win32.NSAnti.fthc
Avast	Win32:Oliga [Trj]
Emsisoft	Packer.Malware.NSAnti.1 (B)
F-Secure	Packed:W32/NSAnti.gen!A
Baidu	Win32.Trojan-PSW.OnlineGames.a
VIPRE	Packer.Malware.NSAnti.1
TrendMicro	Mal_Nsanti-3
Trapmine	malicious.high.ml.score
Sophos	Mal/EncPk-CE
SentinelOne	Static AI – Malicious PE
Jiangmin	Packed.Krap.Gen.a
Avira	TR/Crypt.XPACK.Gen
MAX	malware (ai score=100)
Antiy-AVL	Trojan[Packed]/Win32.Krap
Kingsoft	Win32.Troj.ObfuscatedT.ty.27648
Xcitium	TrojWare.Win32.PSW.Gamania.GenA@1oom6i
Microsoft	TrojanSpy:Win32/OnLineGames.ZDR
ZoneAlarm	Packed.Win32.Krap.b
GData	Packer.Malware.NSAnti.1
Varist	W32/Zbot.W.gen!Eldorado
AhnLab-V3	Win32/AntiPack.Gen
VBA32	OScope.Pacex.A
ALYac	Packer.Malware.NSAnti.1
TACHYON	Trojan/W32.Krap.129474
Malwarebytes	MachineLearning/Anomalous.100%
Panda	W32/Gamania.gen
TrendMicro-HouseCall	Mal_Nsanti-3
Yandex	Trojan.Lineage.Gen!Pac.3
Ikarus	Packer.Win32.Krap
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PackGamania.A!tr
AVG	Win32:Oliga [Trj]
DeepInstinct	MALICIOUS

How to remove Mal/EncPk-CE?

Mal/EncPk-CE removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X