ML/PE-A + Troj/VB-HTM malicious file

ML/PE-A + Troj/VB-HTM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the ML/PE-A + Troj/VB-HTM virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Authenticode signature is invalid
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify ML/PE-A + Troj/VB-HTM?


File Info:

name: 741A87F74E13DC3C0EFE.mlw
path: /opt/CAPEv2/storage/binaries/addacdd97b7e5af628bb383c31f0e52e090140282e1db2455fb2f44e83d83da5
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2009-11-17 21:30:15

Version Info:

Translation: 0x0409 0x04b0
ProductName: Project1
FileVersion: 1.00
ProductVersion: 1.00
InternalName: DOCUMENT
OriginalFilename: DOCUMENT.exe

ML/PE-A + Troj/VB-HTM also known as:

Bkav: W32.AIDetect.malware1
Lionic: Virus.Win32.Virut.lJwt
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen6.19362
MicroWorld-eScan: Backdoor.VB.Agent.ABT
CAT-QuickHeal: Worm.Copali.OD3
McAfee: W32/Worm-GAM!741A87F74E13
Cylance: Unsafe
Zillya: Trojan.Swisyn.Win32.32299
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: P2PWorm ( 00486ea71 )
K7GW: P2PWorm ( 00486ea71 )
Cybereason: malicious.74e13d
BitDefenderTheta: AI:Packer.8C01163E1F
VirIT: Trojan.Win32.VB2.ADGJ
Cyren: W32/A-0d9bc26b!Eldorado
ESET-NOD32: Win32/VB.OLE
APEX: Malicious
TrendMicro-HouseCall: WORM_COPALI_EJ200083.UVPM
ClamAV: Win.Dropper.Cerber-7134131-0
Kaspersky: Trojan.Win32.Agentb.btmh
BitDefender: Backdoor.VB.Agent.ABT
NANO-Antivirus: Trojan.Win32.TrjGen.deyzgg
ViRobot: Trojan.Win32.Zbot.184320.D
Avast: Win32:Vitro [Inf]
Tencent: Trojan.Win32.Agentb.zt
Ad-Aware: Backdoor.VB.Agent.ABT
Emsisoft: Backdoor.VB.Agent.ABT (B)
Comodo: TrojWare.Win32.Swisyn.DFX@5ci87q
Baidu: Win32.Worm.VB.bf
VIPRE: Backdoor.VB.Agent.ABT
TrendMicro: Worm.Win32.COPALI.SM
McAfee-GW-Edition: BehavesLike.Win32.VBObfus.cm
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.741a87f74e13dc3c
Sophos: ML/PE-A + Troj/VB-HTM
SentinelOne: Static AI – Malicious PE
GData: Backdoor.VB.Agent.ABT
Jiangmin: Trojan/Swisyn.wsw
Webroot: Trojan.Comroki.Gen
Google: Detected
Avira: TR/Beebone.rhwnabs
MAX: malware (ai score=89)
Antiy-AVL: Trojan/Generic.ASMalwS.F6
Kingsoft: Win32.Heur.KVM007.a.(kcloud)
Arcabit: Backdoor.VB.Agent.ABT
SUPERAntiSpyware: Trojan.Agent/Gen-Kazy
Microsoft: Worm:Win32/Copali.B
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Zbot.R106377
VBA32: Trojan.Agentb
ALYac: Backdoor.VB.Agent.ABT
TACHYON: Trojan/W32.Agent.184320
Malwarebytes: Trojan.Agent
Rising: Worm.Copali!1.A2C3 (CLASSIC)
Yandex: Trojan.Swisyn!HYP92Tvnrcg
Ikarus: Trojan.Win32.Agentb
Fortinet: W32/Generic.AC.1EEAF!tr
AVG: Win32:Vitro [Inf]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove ML/PE-A + Troj/VB-HTM?

ML/PE-A + Troj/VB-HTM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
