ML/PE-A + BlackMoon Packed (PUA) removal

The ML/PE-A + BlackMoon Packed (PUA) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the ML/PE-A + BlackMoon Packed (PUA) virus do?

  • Detected script timer window indicative of sleep style evasion
  • Reads data out of its own binary image
  • A scripting utility was executed
  • A wscript.exe process commonly used in script or document file downloaders initiated network activity
  • Attempts to modify proxy settings
  • Creates a copy of itself

Related domains:

www.blackievirus.com

How to identify ML/PE-A + BlackMoon Packed (PUA)?

File Info:

crc32: 5ED5AC46
md5: b3b45c8edb09dc5c255a6b146724ecf8
name: B3B45C8EDB09DC5C255A6B146724ECF8.mlw
sha1: 891ea1115867233f60fa807e8b381d9fc7504f5b
sha256: aad2bf9079bbdc7a0fdd1a2f55ee685e3a393c340e50d2108e7fa98ea0bfaeef
sha512: be4cf860be16c5739f69238f4fd51223fed319ee6262e1f857612f45559f5cb5dc05bb2e5874e2aad9088a6239c9d254700d5c324be3e65831292ad5e061b46c
ssdeep: 49152:UpCQLoKbtS9T92kLfUlljelYvoGxUSJpXD:8CQLo0uZsRXD
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

ML/PE-A + BlackMoon Packed (PUA) also known as:

Bkav: W32.AIDetectVM.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.36272277
FireEye: Generic.mg.b3b45c8edb09dc5c
ALYac: Trojan.GenericKD.36272277
Cylance: Unsafe
Sangfor: Malware
K7AntiVirus: Riskware ( 0040eff71 )
BitDefender: Trojan.GenericKD.36272277
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.edb09d
BitDefenderTheta: Gen:NN.ZexaF.34804.7oZ@a0h6m1o
Cyren: W32/Fsysna.G.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Plyromt.C
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Trojan.Win32.Fsysna.gen
Tencent: Malware.Win32.Gencirc.10ce3299
Ad-Aware: Trojan.GenericKD.36272277
Sophos: ML/PE-A + BlackMoon Packed (PUA)
Comodo: TrojWare.Win32.BlackMoon.R@8c1vff
F-Secure: Heuristic.HEUR/AGEN.1120052
Zillya: Trojan.Fsysna.Win32.21230
McAfee-GW-Edition: BehavesLike.Win32.Pykse.vh
Emsisoft: Trojan.GenericKD.36272277 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Fsysna.mnl
Avira: HEUR/AGEN.1120052
MAX: malware (ai score=89)
Antiy-AVL: Trojan[Downloader]/Script.AGeneric
Microsoft: Trojan:Win32/Wacatac.DA!ml
Arcabit: Trojan.Generic.D2297895
ZoneAlarm: HEUR:Trojan.Win32.Fsysna.gen
GData: Win32.Trojan.Agent.WP
Cynet: Malicious (score: 100)
Acronis: suspicious
McAfee: GenericRXAA-AA!B3B45C8EDB09
VBA32: BScope.TrojanRansom.Gen
Malwarebytes: Malware.AI.4242237330
Panda: Trj/Genetic.gen
Rising: Trojan.Fsysna!1.D1F1 (CLASSIC)
Yandex: HTML.Psyme.Gen
Ikarus: Trojan-Downloader.Win32.Harnig
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/GenKryptik.ESFJ!tr
AVG: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_70% (D)
Qihoo-360: QVM41.1.Malware.Gen

How to remove ML/PE-A + BlackMoon Packed (PUA)?

ML/PE-A + BlackMoon Packed (PUA) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
