Trojan.PNGCrypt.Generic malicious file

The Trojan.PNGCrypt.Generic is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.PNGCrypt.Generic virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine Trojan.PNGCrypt.Generic?


File Info:
name: 36CE48E31D675698D3DE.mlw
path: /opt/CAPEv2/storage/binaries/070b9d022843ac420d8bdfcb8f91d5d5dace6ddc452cff9e0d3f85d564030d31
crc32: 00B31974
md5: 36ce48e31d675698d3de4fd0c982610f
sha1: dfdc64435e7ef404be8932a5d9f80792e1b00074
sha256: 070b9d022843ac420d8bdfcb8f91d5d5dace6ddc452cff9e0d3f85d564030d31
sha512: a7682869b9eb9c543ba27d7ea9af69eddcb4ccecd5a2032ce78180aae6faa387da61331eefa4b50c1168d7d1e1999fda07c6bfed3615d0da656e6d955f3beac0
ssdeep: 6144:XHjoSGgYOudQO5r6pW6Gh2mTEsc6ZGA6ZR6kwdgnMVgTYgGD:sSYOudRN6pHFmFZeR6kwj+b
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T18974225AA7E8B117E6E557F936F60C191336294C455BFBCB1E90308A29F6BC00902F2F
sha3_384: de3b44490df56561ce7cb2c223584ed0699f2c6bf9decd3bf0bac2987e5ea9c1cd1cde9513a5c4bfab1bd654f3b6b87c
ep_bytes: ff250020400000000000000000000000
timestamp: 2024-01-24 06:16:12

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 1.0.0.0
InternalName: EnoQgae.exe
LegalCopyright:  
OriginalFilename: EnoQgae.exe
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan.PNGCrypt.Generic also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Agensla.i!c
Cynet	Malicious (score: 100)
FireEye	Generic.mg.36ce48e31d675698
Skyhigh	BehavesLike.Win32.Generic.fh
McAfee	Artemis!36CE48E31D67
Cylance	unsafe
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_90% (D)
Arcabit	Trojan.Lazy.D7266B
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/GenKryptik.GSKN
APEX	Malicious
Kaspersky	HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender	Gen:Variant.Lazy.468587
MicroWorld-eScan	Gen:Variant.Lazy.468587
Avast	Win32:PWSX-gen [Trj]
Tencent	Msil.Trojan-QQPass.QQRob.Rzfl
Emsisoft	Gen:Variant.Lazy.468587 (B)
DrWeb	Trojan.PackedNET.2643
Sophos	Mal/Generic-S
Kingsoft	malware.kb.c.996
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm	HEUR:Trojan-PSW.MSIL.Agensla.gen
GData	Gen:Variant.Lazy.468587
AhnLab-V3	Malware/Gen.RL_Reputation.C4311841
Malwarebytes	Trojan.PNGCrypt.Generic
Rising	Stealer.Agensla!8.13266 (CLOUD)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/GenKryptik.GSWO!tr
BitDefenderTheta	Gen:NN.ZemsilF.36680.um0@auHxw2i
AVG	Win32:PWSX-gen [Trj]
Cybereason	malicious.35e7ef
DeepInstinct	MALICIOUS

How to remove Trojan.PNGCrypt.Generic?

Trojan.PNGCrypt.Generic removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X