How to remove “ML/PE-A + Mal/Behav-046”?

ML/PE-A + Mal/Behav-046 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the ML/PE-A + Mal/Behav-046 virus do?

  • Possible date expiration check, exits too soon after checking local time
  • Drops a binary and executes it
  • Likely installs a bootkit via raw harddisk modifications
  • Deletes its original binary from disk
  • Attempts to restart the guest VM
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify ML/PE-A + Mal/Behav-046?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

ML/PE-A + Mal/Behav-046 is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0029be2d1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.MBRlock.6
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.Mauvaise.SL1
ALYac: Gen:Variant.Kazy.20419
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (D)
K7GW: Trojan ( 0029be2d1 )
Cybereason: malicious.8acbb0
Cyren: W32/Ransom.X.gen!Eldorado
Symantec: Trojan.Bootlock.B
ESET-NOD32: a variant of Win32/MBRlock.R
APEX: Malicious
Avast: MBR:Ransom-A [Rtk]
ClamAV: Win.Trojan.Ransom-43
Kaspersky: Trojan-Ransom.Win32.Mbro.rv
BitDefender: Gen:Variant.Kazy.20419
NANO-Antivirus: Trojan.Win32.Mbro.crkvgs
ViRobot: Trojan.Win32.A.Mbro.139264
MicroWorld-eScan: Gen:Variant.Kazy.20419
Ad-Aware: Gen:Variant.Kazy.20419
Sophos: ML/PE-A + Mal/Behav-046
Comodo: TrojWare.Win32.Trojan.Agent.~CRP@3xxg3u
BitDefenderTheta: AI:Packer.5D441D781E
VIPRE: Trojan.Win32.Ransom.dva (v)
TrendMicro: TROJ_RANSOM_BL13015C.TOMC
McAfee-GW-Edition: Ransom-FIT!8B5ED4D8ACBB
FireEye: Generic.mg.8b5ed4d8acbb0b81
Emsisoft: Gen:Variant.Kazy.20419 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan/Generic.ifva
Avira: BOO/Ransom.AB
Microsoft: Ransom:Win32/Genasom.DV
GData: Gen:Variant.Kazy.20419
TACHYON: Trojan/W32.Small.10240.IS
AhnLab-V3: Trojan/Win32.Mbro.C67070
McAfee: Ransom-FIT!8B5ED4D8ACBB
MAX: malware (ai score=87)
VBA32: Trojan.Ransom.5705
Malwarebytes: Ransom.FileCryptor
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_RANSOM_BL13015C.TOMC
Rising: Trojan.MBRlock!1.66BD (RDMK:cmRtazpIxbviSKlU3mYJDzn+ol1U)
Yandex: Trojan.GenAsa!lGGJPPymHD4
Ikarus: Trojan-Ransom.Mbro
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/MBRlock.C!tr
AVG: MBR:Ransom-A [Rtk]

How to remove ML/PE-A + Mal/Behav-046?

ML/PE-A + Mal/Behav-046 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.