Trojan.Heur.RP.kmKfbSm3!vpi malicious file

Trojan.Heur.RP.kmKfbSm3!vpi is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Heur.RP.kmKfbSm3!vpi virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify proxy settings
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Heur.RP.kmKfbSm3!vpi?


File Info:

name: 64C876CF6914E3D4B9AD.mlw
path: /opt/CAPEv2/storage/binaries/450ef09bae7ae067c12a9da5fb4f6c56e73a586a425be14816ba695f1c302497
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2020-01-27 17:07:13

Version Info:

Comments: Luncher Game
CompanyName: To4Serv
FileDescription: Protect Game From Hack
FileVersion: 1, 0, 0, 1
InternalName: MyProject
LegalCopyright: Copyright (C) My Company 2020
OriginalFilename: Luncher.exe
ProductName: To4Serv
ProductVersion: 1, 0, 0, 1
Translation: 0x0409 0x04b0

Trojan.Heur.RP.kmKfbSm3!vpi also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Kmkfasm.4!c
MicroWorld-eScan: Gen:Trojan.Heur.RP.kmKfbSm3!vpi
FireEye: Generic.mg.64c876cf6914e3d4
ALYac: Gen:Trojan.Heur.RP.kmKfbSm3!vpi
Malwarebytes: Malware.Heuristic.1003
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_60% (W)
BitDefenderTheta: AI:Packer.A02FC6341F
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
APEX: Malicious
Paloalto: generic.ml
BitDefender: Gen:Trojan.Heur.RP.kmKfbSm3!vpi
Avast: Win32:Trojan-gen
F-Secure: Heuristic.HEUR/Malware
VIPRE: Gen:Trojan.Heur.RP.kmKfbSm3!vpi
Trapmine: suspicious.low.ml.score
Emsisoft: Gen:Trojan.Heur.RP.kmKfbSm3!vpi (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Trojan.Heur.RP.kmKfbSm3!vpi
Avira: HEUR/Malware
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Win32.Occamy
Arcabit: Trojan.Heur.RP.kmKfbSm3!vpi
Microsoft: Program:Win32/Wacapew.C!ml
Cynet: Malicious (score: 100)
VBA32: suspected of Trojan.Downloader.gen
Rising: Trojan.Occamy!8.F1CD (CLOUD)
AVG: Win32:Trojan-gen
Cybereason: malicious.f6914e
DeepInstinct: MALICIOUS

How to remove Trojan.Heur.RP.kmKfbSm3!vpi?

Trojan.Heur.RP.kmKfbSm3!vpi removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
