ML/PE-A + Mal/EncPk-ACA removal guide

ML/PE-A + Mal/EncPk-ACA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the ML/PE-A + Mal/EncPk-ACA virus do?

  • Executable code extraction
  • Creates RWX memory
  • Expresses interest in specific running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify ML/PE-A + Mal/EncPk-ACA?


File Info:

crc32: B0E9F24A
md5: 2843227d61de423c57ba68e69466766c
name: 2843227D61DE423C57BA68E69466766C.mlw
sha1: 06217cf909239b174f0dc15e712c0e35e4c23547
sha256: a1bd47434aa3b4c6d456c12483b76d66e8b62d0000c254c857709bc4b0d3e8ba
sha512: 3d373f400164212d1f80955532fbe809140c751891e092f4b040afdce7959d05dbd3ed567a83ab1c2880211609ceefa106086886d38f1002937818610a42a927
ssdeep: 6144:jRDg03dTD5jdWaTenZPcjhvqIBLjrcnp5WVj27:lg03dD1enuvDLjYGVy
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: Pecan © Shuts Ask 1995-2006
InternalName: Sequin Kraut Movie Simon Soul
FileVersion: 1.7
CompanyName: Lenovo Corporation
ProductName: Slog Scope Adorn Goo Hooks Anne
ProductVersion: 1.7
FileDescription: Todd State Yep
OriginalFilename: Todd.exe
Translation: 0x0409 0x04b0

ML/PE-A + Mal/EncPk-ACA also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( f1000f011 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Trojan.Ransom.ScreenLocker
Cylance: Unsafe
Zillya: Trojan.Birele.Win32.6688
Sangfor: Trojan.Win32.Save.a
Alibaba: Trojan:Win32/Starter.ali2000005
K7GW: Trojan ( f1000f011 )
Cybereason: malicious.d61de4
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/LockScreen.AGU
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Heur.FKP.1
NANO-Antivirus: Trojan.Win32.Winlock.jpmra
MicroWorld-eScan: Gen:Heur.FKP.1
Tencent: Win32.Trojan.Birele.Hqln
Ad-Aware: Gen:Heur.FKP.1
Sophos: ML/PE-A + Mal/EncPk-ACA
Comodo: TrojWare.Win32.Kryptik.ZNU@4ojyhs
BitDefenderTheta: Gen:NN.ZexaF.34050.rmKfaGtBGOli
VIPRE: Trojan.Win32.EncPk.acl (v)
McAfee-GW-Edition: W32/Pinkslipbot.gen.aw
FireEye: Generic.mg.2843227d61de423c
Emsisoft: Gen:Heur.FKP.1 (B)
SentinelOne: Static AI – Suspicious PE
Webroot: W32.Trojan.Gen
Avira: TR/Crypt.ULPM.Gen
eGambit: Unsafe.AI_Score_96%
Antiy-AVL: Trojan/Generic.ASMalwS.186A4B1
Microsoft: Trojan:Win32/Ransom.DR
Arcabit: Trojan.FKP.1
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Heur.FKP.1
AhnLab-V3: Trojan/Win32.Qhost.R16496
McAfee: W32/Pinkslipbot.gen.aw
MAX: malware (ai score=100)
VBA32: BScope.Trojan.MTA.0661
Panda: Generic Malware
Yandex: Trojan.GenAsa!JDbD9K6Reoc
Ikarus: Trojan.Win32.Ransom
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Yakes.LS!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml
Qihoo-360: Win32/Rootkit.Generic.HwsBEpsA

How to remove ML/PE-A + Mal/EncPk-ACA?

ML/PE-A + Mal/EncPk-ACA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.