ML/PE-A + Mal/EncPk-ANQ removal tips

ML/PE-A + Mal/EncPk-ANQ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the ML/PE-A + Mal/EncPk-ANQ virus do?

  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Likely virus infection of existing system binary
  • Creates a copy of itself
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify ML/PE-A + Mal/EncPk-ANQ?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

0: [No Data]

ML/PE-A + Mal/EncPk-ANQ is also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 0050a9591 )
Elastic: malicious (high confidence)
DrWeb: Trojan.MulDrop7.8471
Cynet: Malicious (score: 100)
CAT-QuickHeal: W32.Fujack.gen
ALYac: Gen:Heur.Mint.SP.Sneaky.1
Cylance: Unsafe
Zillya: Trojan.Fsysna.Win32.13181
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 0050a9591 )
Cybereason: malicious.4c99d5
Baidu: Win32.Trojan.Kryptik.bcp
Cyren: W32/Upantix.I.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Kryptik.FKSZ.Gen
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Trojan.Generic-7135733-0
Kaspersky: HEUR:Packed.Win32.Upantix.gen
BitDefender: Gen:Heur.Mint.SP.Sneaky.1
NANO-Antivirus: Trojan.Win32.Upantix.ekofiv
MicroWorld-eScan: Gen:Heur.Mint.SP.Sneaky.1
Tencent: Malware.Win32.Gencirc.10b0dba8
Ad-Aware: Gen:Heur.Mint.SP.Sneaky.1
Sophos: ML/PE-A + Mal/EncPk-ANQ
Comodo: Packed.Win32.MUPX.Gen@24tbus
BitDefenderTheta: AI:Packer.CD0ECFDD1F
McAfee-GW-Edition: BehavesLike.Win32.HLLP.wh
FireEye: Generic.mg.62186bc4c99d5522
Emsisoft: Gen:Heur.Mint.SP.Sneaky.1 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Packed.Upantix.pun
Avira: TR/Crypt.ULPM.Gen
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASBOL.A8F8
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Gen:Heur.Mint.SP.Sneaky.1
Acronis: suspicious
McAfee: Packed-KS!62186BC4C99D
MAX: malware (ai score=87)
Panda: W32/Knase.C
Rising: Trojan.Kryptik!1.A862 (CLASSIC)
Yandex: Trojan.Kryptik!CB8SPNpIFcc
Ikarus: Trojan.Hijacker
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Bundpil.72F8!tr
AVG: Win32:Malware-gen

How to remove ML/PE-A + Mal/EncPk-ANQ?

ML/PE-A + Mal/EncPk-ANQ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
