Trojan.MalPack.RPE removal tips

Trojan.MalPack.RPE is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.MalPack.RPE virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan.MalPack.RPE?

File Info:

name: D784E67C842509EEB257.mlw
path: /opt/CAPEv2/storage/binaries/7cc02ff3260fffe34f17001d3c76f58ca9793a7f4db7fd3f06af91a27a64b450
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-12-07 16:35:17

Version Info:

Translation: 0x0000 0x04b0
Comments: OnLane ALERT Diagnostics
CompanyName: WABCO
FileDescription: OnLaneNextGen
FileVersion: 13.7.0.7
InternalName: OnLaneNextGen.exe
LegalCopyright: Copyright © 2016
LegalTrademarks:
OriginalFilename: OnLaneNextGen.exe
ProductName:
ProductVersion: 13.7.0.7
Assembly Version: 13.7.0.7

Trojan.MalPack.RPE is also known as:

Lionic: Trojan.Win32.Exnet.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Lazy.328800
ClamAV: Win.Malware.Msilheracles-10002329-0
McAfee: Artemis!D784E67C8425
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0058b7951 )
Alibaba: Trojan:MSIL/GenKryptik.e68739f7
K7GW: Trojan ( 0058b7951 )
Cyren: W32/MalwareHiderPatched-based!M
Symantec: Trojan.Gen.MBT
tehtris: Generic.Malware
ESET-NOD32: a variant of MSIL/GenKryptik.FOKK
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: UDS:Trojan.Win32.GenericML.xnet
BitDefender: Gen:Variant.Lazy.328800
Avast: Win32:CrypterX-gen [Trj]
Tencent: Win32.Trojan.Kryptik.Ztjl
Emsisoft: Gen:Variant.Lazy.328800 (B)
F-Secure: Trojan.TR/Kryptik.csbtj
VIPRE: Gen:Variant.Lazy.328800
TrendMicro: TROJ_GEN.R002C0XGQ23
McAfee-GW-Edition: BehavesLike.Win32.Generic.th
Trapmine: suspicious.low.ml.score
FireEye: Generic.mg.d784e67c842509ee
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Lazy.328800
Avira: TR/Kryptik.csbtj
Antiy-AVL: Trojan/MSIL.GenKryptik
Arcabit: Trojan.Lazy.D50460
ZoneAlarm: UDS:Trojan.Win32.GenericML.xnet
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Trojan/Win.Generic.C5446916
ALYac: Gen:Variant.Lazy.328800
MAX: malware (ai score=80)
Malwarebytes: Trojan.MalPack.RPE
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002C0XGQ23
Rising: Malware.Obfus/MSIL@AI.94 (RDM.MSIL2:+sP8i018L/pGlrFIbguKmg)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/GenKryptik.FOKK!tr
BitDefenderTheta: Gen:NN.ZemsilF.36662.ez0@aG8HI5c
AVG: Win32:CrypterX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.MalPack.RPE?

Trojan.MalPack.RPE removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the appropriate browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
