
What is “Mal/EncPk-DH”?

Malware Removal

Mal/EncPk-DH is flagged as malicious by almost every antivirus engine (see the detection names below). When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


What can the Mal/EncPk-DH virus do?

These are the static indicators the CAPE sandbox reported for the sample described below; they characterise a packed or encrypted binary rather than a specific runtime behaviour:

  • The binary contains an unknown PE section name indicative of packing.
  • The binary likely contains encrypted or compressed data.
  • The Authenticode signature is invalid.
  • YARA rule detections were observed from a process memory dump, dropped files or CAPE.

How to identify Mal/EncPk-DH?

File Info:

name: EC5DA9E383011689B985.mlw
path: /opt/CAPEv2/storage/binaries/4583e45c77a6dbec10bdde2786df2f2d39631a38452eb67bdd9d07179edd01ea
crc32: 753DFC0E
md5: ec5da9e383011689b9854be3effacc97
sha1: 523edcc558c8d7ae6a6ba5a5fdb2fb849b01fc0b
sha256: 4583e45c77a6dbec10bdde2786df2f2d39631a38452eb67bdd9d07179edd01ea
sha512: 44ff1cba3a0cd8a69fc5781858bf0bdb222efb951c46f4f368eed35bd76adc64f111ed4309e487b093b0800e92ed1c18308ca2ae568e266a8268a2885738068a
ssdeep: 3072:U44tH8d0EBKi8RHuA0eDehv9/YeB1f+CXe4H:U4Qk0Ri8p+vKebGFI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T146C3122B166624F9DB7C703EAFF9518F9C6822C651DA0A3D37DA96101D3F3839592F08
sha3_384: 68955db3cbe20c31c3b358c9fedcde37aa2132586df3569f7391b8c92761d46a0109fb9f8b33abd28371764b636e46ff
ep_bytes: 60e80000000033f681ee18da95022bc9
timestamp: 1992-06-19 22:22:17 (this is the fixed TimeDateStamp 0x2A425E19 written by Borland/Delphi linkers, so it says nothing about when the sample was actually built)

Version Info:

0: [No Data]
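The indicators in the two blocks above can be checked on any PE file without a sandbox. The script below is an added example written for this page (editor's own code, not from the page, from CAPE or from any AV vendor): it walks the PE32 headers with the standard library only, flags section names outside a small allow-list (an assumption of the example), measures per-section Shannon entropy, compares the COFF timestamp with the Borland constant, inspects the entry-point bytes for the pushad; call $+5 prologue that the page's ep_bytes start with (60 e8 00 00 00 00, followed by xor esi,esi; sub esi,0x0295DA18; sub ecx,ecx), and compares the SHA-256 with the page's value. The test image it builds is a constructed, non-runnable PE that only exercises the parser; it is not the real sample.

```python
# Added example: static triage of the indicators listed on this page.
# Editor's code, standard library only (no pefile). Not the page's own tooling.
import hashlib
import math
import struct
from datetime import datetime, timezone

# Copied from the "File Info" block on this page.
PAGE_SHA256 = "4583e45c77a6dbec10bdde2786df2f2d39631a38452eb67bdd9d07179edd01ea"
PAGE_EP_BYTES = bytes.fromhex("60e80000000033f681ee18da95022bc9")

# 0x2A425E19 is the fixed TimeDateStamp that Borland/Delphi linkers write;
# it decodes to 1992-06-19 22:22:17 UTC, the timestamp shown on this page.
BORLAND_TIMESTAMP = 0x2A425E19

# Section names ordinary Windows linkers emit (editor's allow-list, an
# assumption; extend it for your own environment).
COMMON_SECTIONS = {".text", ".data", ".rdata", ".idata", ".edata", ".rsrc",
                   ".reloc", ".bss", ".tls", ".pdata", ".CRT",
                   "CODE", "DATA", "BSS", ".itext", ".didata"}


def shannon_entropy(data: bytes) -> float:
    """Bits per byte: ~8.0 for encrypted/compressed data, ~5-6.5 for code."""
    if not data:
        return 0.0
    n = len(data)
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def parse_pe32(pe: bytes):
    """Minimal PE32 header walk. Returns (timestamp, entry_rva, sections)
    where sections is a list of (name, virtual_address, raw_bytes)."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    coff = e_lfanew + 4                       # IMAGE_FILE_HEADER
    nsections, timestamp = struct.unpack_from("<HI", pe, coff + 2)
    opt_size = struct.unpack_from("<H", pe, coff + 16)[0]
    opt = coff + 20                           # IMAGE_OPTIONAL_HEADER
    entry_rva = struct.unpack_from("<I", pe, opt + 16)[0]
    sections = []
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i         # IMAGE_SECTION_HEADER
        name, _vsize, vaddr, rawsize, rawptr = struct.unpack_from("<8sIIII", pe, hdr)
        sections.append((name.rstrip(b"\0").decode("latin-1"), vaddr,
                         pe[rawptr:rawptr + rawsize]))
    return timestamp, entry_rva, sections


def triage(pe: bytes) -> dict:
    """Apply the page's indicators to one PE image and return the findings."""
    timestamp, entry_rva, sections = parse_pe32(pe)
    ep = b""
    for _name, vaddr, raw in sections:
        if vaddr <= entry_rva < vaddr + len(raw):
            ep = raw[entry_rva - vaddr:entry_rva - vaddr + 16]
    sha256 = hashlib.sha256(pe).hexdigest()
    return {
        "sha256": sha256,
        "matches_page_sample": sha256 == PAGE_SHA256,
        "timestamp_utc": datetime.fromtimestamp(timestamp, tz=timezone.utc)
                                 .strftime("%Y-%m-%d %H:%M:%S"),
        "borland_timestamp": timestamp == BORLAND_TIMESTAMP,
        "unknown_sections": [n for n, _, _ in sections if n not in COMMON_SECTIONS],
        "high_entropy_sections": [n for n, _, raw in sections
                                  if shannon_entropy(raw) > 7.0],
        "ep_bytes": ep.hex(),
        # 60 e8 00 00 00 00 = pushad; call $+5: the GetPC prologue many packer
        # stubs start with, and exactly how the page's ep_bytes begin.
        "getpc_stub": ep.startswith(b"\x60\xe8\x00\x00\x00\x00"),
    }


def build_sample_pe() -> bytes:
    """Constructed test image (NOT the real sample): .text holds the page's
    ep_bytes, a section with the made-up name ".xyz0" holds high-entropy
    filler, and the COFF header carries the Borland timestamp. It only
    exercises the parser and is not a runnable Windows program."""
    text = PAGE_EP_BYTES.ljust(0x200, b"\xcc")
    packed = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)          # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, BORLAND_TIMESTAMP, 0, 0, 0xE0, 0x0102)
    opt = bytearray(0xE0)
    struct.pack_into("<H", opt, 0, 0x10B)                        # PE32 magic
    struct.pack_into("<I", opt, 16, 0x1000)                      # entry -> .text

    def section(name, vaddr, raw, rawptr):
        return struct.pack("<8sIIIIIIHHI", name, len(raw), vaddr, len(raw),
                           rawptr, 0, 0, 0, 0, 0x60000020)

    headers = (dos + b"PE\0\0" + coff + bytes(opt)
               + section(b".text", 0x1000, text, 0x200)
               + section(b".xyz0", 0x2000, packed, 0x400))
    return headers.ljust(0x200, b"\0") + text + packed


if __name__ == "__main__":
    for key, value in triage(build_sample_pe()).items():
        print(f"{key:>22}: {value}")
```

Run it against a real file with `triage(open(path, "rb").read())`. Note that the exact-hash comparison is only useful for this one sample: any repacked variant has a different SHA-256, which is why the page also lists ssdeep and TLSH fuzzy hashes, and why the section-name, entropy and entry-stub checks are the indicators worth keeping in a triage pipeline.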

Mal/EncPk-DH is the Sophos name for this sample. Other engines mostly classify it by its packer (NSAnti / Krap), and several identify the payload as an OnLineGames / Gamania password stealer (TrojanSpy, PWS). Detection names by vendor:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.kYJw
Elastic: malicious (high confidence)
MicroWorld-eScan: Packer.Malware.NSAnti.1
FireEye: Generic.mg.ec5da9e383011689
Skyhigh: BehavesLike.Win32.Dropper.cc
ALYac: Packer.Malware.NSAnti.1
Cylance: unsafe
VIPRE: Packer.Malware.NSAnti.1
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 00004eab1 )
BitDefender: Packer.Malware.NSAnti.1
K7GW: Trojan ( 00004eab1 )
Cybereason: malicious.558c8d
BitDefenderTheta: AI:Packer.715D82071D
Symantec: Trojan.Packed.NsAnti
ESET-NOD32: a variant of Win32/Pacex.Gen
APEX: Malicious
Kaspersky: Packed.Win32.Krap.b
Alibaba: TrojanSpy:Win32/OnLineGames.799ccb89
NANO-Antivirus: Trojan.Win32.NSAnti.fthc
Rising: Malware.OnLineGames!8.E959 (TFE:2:uxSnAdTP0LP)
TACHYON: Trojan-PWS/W32.WebGame.128031
Sophos: Mal/EncPk-DH
Baidu: Win32.Trojan-PSW.OnlineGames.a
F-Secure: Packed:W32/NSAnti.gen!A
DrWeb: Trojan.MulDrop.29812
TrendMicro: Mal_Nsanti-5
Trapmine: malicious.high.ml.score
Emsisoft: Packer.Malware.NSAnti.1 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Packed.Krap.Gen.a
Webroot: W32.Malware.Downloader
Google: Detected
Avira: TR/Drop.Agen.128031
Varist: W32/Zbot.W.gen!Eldorado
Antiy-AVL: Trojan[Packed]/Win32.Krap
Kingsoft: Win32.Troj.NsAntiT.b.108309
Microsoft: TrojanSpy:Win32/OnLineGames.ZDR
Xcitium: TrojWare.Win32.PSW.Gamania.GenA@1oom6i
Arcabit: Packer.Malware.NSAnti.1
ZoneAlarm: Packed.Win32.Krap.b
GData: Packer.Malware.NSAnti.1
Cynet: Malicious (score: 100)
AhnLab-V3: Packed/Win32.Krap.R37714
McAfee: PWS-Gamania.gen.a
MAX: malware (ai score=100)
DeepInstinct: MALICIOUS
VBA32: Malware-Cryptor.Win32.NSAnti
Malwarebytes: MachineLearning/Anomalous.100%
Panda: W32/Gamania.gen
TrendMicro-HouseCall: Mal_Nsanti-5
Yandex: Trojan.Lineage.Gen!Pac.3
Ikarus: Packer.Win32.Krap
MaxSecure: Trojan.Malware.19082.susgen
Fortinet: W32/Packed.ONLINEGAMES.gen!tr
AVG: Win32:Oliga [Trj]
Avast: Win32:Oliga [Trj]
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Mal/EncPk-DH?

Mal/EncPk-DH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the options you want, then click “Reset”.
  • Restart your computer.
  • Because most engines classify the payload as a password stealer (TrojanSpy / PWS, OnLineGames / Gamania), change the passwords of accounts used on this machine, online-game accounts in particular, from a clean device once the cleanup is done.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
