Trojan.Heur.VP2.kmKfauHX6hii information

Trojan.Heur.VP2.kmKfauHX6hii is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Heur.VP2.kmKfauHX6hii virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.Heur.VP2.kmKfauHX6hii?


File Info:

name: 52EDA0474DE589F452CA.mlw
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2021-08-31 11:52:49

Version Info:

Translation: 0x0409 0x04b0
Comments: MLI32 - ML logic installer
CompanyName: D.Electron
LegalCopyright: © D.Electron - FIRENZE
ProductName: MLI32
FileVersion: 4.13
ProductVersion: 4.13
InternalName: MLI32
OriginalFilename: MLI32.exe

Trojan.Heur.VP2.kmKfauHX6hii also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Kmkfauhx.4!c
MicroWorld-eScan: Gen:Trojan.Heur.VP2.kmKfauHX6hii
VIPRE: Gen:Trojan.Heur.VP2.kmKfauHX6hii
CrowdStrike: win/malicious_confidence_60% (W)
APEX: Malicious
BitDefender: Gen:Trojan.Heur.VP2.kmKfauHX6hii
Emsisoft: Gen:Trojan.Heur.VP2.kmKfauHX6hii (B)
Trapmine: malicious.high.ml.score
FireEye: Gen:Trojan.Heur.VP2.kmKfauHX6hii
GData: Gen:Trojan.Heur.VP2.kmKfauHX6hii
Webroot: W32.Trojan.Gen
MAX: malware (ai score=82)
Arcabit: Trojan.Heur.VP2.kmKfauHX6hii
ALYac: Gen:Trojan.Heur.VP2.kmKfauHX6hii
TrendMicro-HouseCall: TROJ_GEN.R002H09HG23
MaxSecure: Trojan.Malware.215943862.susgen
DeepInstinct: MALICIOUS

How to remove Trojan.Heur.VP2.kmKfauHX6hii?

Trojan.Heur.VP2.kmKfauHX6hii removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.