ML/PE-A + W32/Tufik-G (file analysis)

ML/PE-A + W32/Tufik-G is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the ML/PE-A + W32/Tufik-G virus do?

  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify ML/PE-A + W32/Tufik-G?

File Info:

name: 1AD65BE12FBBD620029C.mlw
path: /opt/CAPEv2/storage/binaries/d088325ea37ac7841154a50f975efd96c42fd6e78e94db14674bb027086fa04b
crc32: E1BF10C0
md5: 1ad65be12fbbd620029c16428a593d27
sha1: 80ddae2fab99fbbead53fbcb1b20c03b89e04408
sha256: d088325ea37ac7841154a50f975efd96c42fd6e78e94db14674bb027086fa04b
sha512: 54051fdecb8b9ab64236bbeaa8c9f7eb4cb2cda951146acaa559cb4c9037234e8086a66ae5e6bf5344f8330177f787836f24a324535bf3f05bdd08d31571709f
ssdeep: 1536:OPMZNqSXpPEjknbEKUyjMnLi05N37R3yp59FLLLLppLNZrRSbBdkd8O0LLLLLppD:OPMZN55PEeHjjQl
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AD15E202617CDFC2F54F1C32D8899BB90AA32C188D3617DBBA53BED9F43B1829525197
sha3_384: 826dc4ae1a8a77b387598834c22b72f20b2e888efb634dd8927b49dea6d274aeeb95368fb89402253907d495fe6095eb
ep_bytes: 6174654b6579457800526567436c6f73
timestamp: 2008-01-23 14:32:38

Version Info:

0: [No Data]

ML/PE-A + W32/Tufik-G also known as:

Bkav: W32.AIDetect.malware2
Lionic: Virus.Win32.Tufik.leKk
Elastic: malicious (high confidence)
FireEye: Generic.mg.1ad65be12fbbd620
McAfee: Artemis!1AD65BE12FBB
Sangfor: Trojan.Win32.Save.a
Alibaba: Virus:Win32/Tufik.c6597032
Cyren: W32/S-21b63428!Eldorado
Symantec: ML.Attribute.HighConfidence
TrendMicro-HouseCall: Mal_TUFIK-1
Paloalto: generic.ml
ClamAV: Win.Downloader.95288-1
Kaspersky: Virus.Win32.Infector.gen
Avast: Win32:Tufik
Baidu: Win32.Trojan-Proxy.Delf.e
TrendMicro: Mal_TUFIK-1
McAfee-GW-Edition: BehavesLike.Win32.Generic.cz
Sophos: ML/PE-A + W32/Tufik-G
Ikarus: Virus.Win32.Tufik.c
Microsoft: Virus:Win32/Tufik.G
Cynet: Malicious (score: 100)
Malwarebytes: Malware.AI.2484580277
APEX: Malicious
Rising: Trojan.Generic@AI.92 (RDML:Gm91vOuvRWcVTtXqQQ2aMQ)
Yandex: Win32.Perez.B
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/KeyIso.A!tr
AVG: Win32:Tufik
CrowdStrike: win/malicious_confidence_90% (W)

How to remove ML/PE-A + W32/Tufik-G?

ML/PE-A + W32/Tufik-G removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
