ML/PE-A + Troj/KillMBR-U information

Malware Removal

ML/PE-A + Troj/KillMBR-U is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the ML/PE-A + Troj/KillMBR-U virus do?

  • The binary likely contains encrypted or compressed data.
  • Attempts to restart the guest VM
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify ML/PE-A + Troj/KillMBR-U?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

ML/PE-A + Troj/KillMBR-U also known as:

K7AntiVirus       Trojan ( 0057c2901 )
Elastic           malicious (high confidence)
DrWeb             Trojan.Siggen8.23112
Cynet             Malicious (score: 100)
CAT-QuickHeal     Ransom.MazeIH.S12850715
ALYac             Gen:Variant.Zusy.372150
Cylance           Unsafe
CrowdStrike       win/malicious_confidence_60% (D)
K7GW              Trojan ( 0057c2901 )
Cybereason        malicious.af3771
Symantec          ML.Attribute.HighConfidence
ESET-NOD32        a variant of Win32/KillMBR.NDS
APEX              Malicious
Avast             MBR:CoViper-A [Trj]
ClamAV            Win.Dropper.Tiggre-7061386-1
Kaspersky         VHO:Trojan.Win32.DiskWriter.gen
BitDefender       Gen:Variant.Zusy.372150
NANO-Antivirus    Trojan.Win32.DiskWriter.fjkdpb
MicroWorld-eScan  Gen:Variant.Zusy.372150
Tencent           Malware.Win32.Gencirc.10ce3cd4
Ad-Aware          Gen:Variant.Zusy.372150
Sophos            ML/PE-A + Troj/KillMBR-U
F-Secure          Dropper.DR/Delphi.Gen
BitDefenderTheta  AI:Packer.FC0B668B18
FireEye           Generic.mg.5e1a510af37717c6
Emsisoft          Gen:Variant.Zusy.372150 (B)
Jiangmin          Trojan.DiskWriter.jo
Avira             DR/Delphi.Gen
eGambit           Unsafe.AI_Score_99%
Antiy-AVL         Trojan/Generic.ASMalwS.2A17B01
Microsoft         Trojan:Win32/KillMBR.G!MTB
Arcabit           Trojan.Zusy.D5ADB6
GData             Gen:Variant.Zusy.372150
AhnLab-V3         Malware/Gen.Generic.C2882301
MAX               malware (ai score=87)
VBA32             BScope.Trojan.DiskWriter
Malwarebytes      Trojan.KillMBR
Panda             Trj/GdSda.A
Rising            Malware.Heuristic!ET#98% (RDMK:cmRtazrM2mFd1RAgYulBNoKqcAto)
Yandex            Trojan.GenAsa!lX/idzb9k7U
Ikarus            Trojan.Win32.KillMBR
Fortinet          W32/KillMBR.NDS!tr
AVG               MBR:CoViper-A [Trj]

How to remove ML/PE-A + Troj/KillMBR-U?

ML/PE-A + Troj/KillMBR-U removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
