What is “Trojan.Win32.Khalesi.llru”?

The Trojan.Win32.Khalesi.llru is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Khalesi.llru virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Authenticode signature is invalid

How to identify Trojan.Win32.Khalesi.llru?


File Info:

name: 641692090D7B397CB35E.mlw
type: PE32+ executable (console) x86-64, for MS Windows
timestamp: 2021-07-30 12:47:33

Version Info:

0: [No Data]

Trojan.Win32.Khalesi.llru also known as:

Elastic: malicious (high confidence)
FireEye: Generic.mg.641692090d7b397c
McAfee: Artemis!641692090D7B
Cylance: Unsafe
Zillya: Trojan.Khalesi.Win32.38154
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Trojan:Win32/Khalesi.97f09a95
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_60% (W)
Symantec: Trojan.Gen.MBT
TrendMicro-HouseCall: TROJ_GEN.R002H07H221
Kaspersky: Trojan.Win32.Khalesi.llru
Avast: Win64:Malware-gen
Tencent: Win32.Trojan.Khalesi.Wlpe
Sophos: Mal/Generic-R
McAfee-GW-Edition: BehavesLike.Win64.Generic.vc
Ikarus: Trojan.Win64.Vmprotect
eGambit: Unsafe.AI_Score_55%
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
APEX: Malicious
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W64/VMProtect.IH!tr
AVG: Win64:Malware-gen
Cybereason: malicious.466489

How to remove Trojan.Win32.Khalesi.llru?

Trojan.Win32.Khalesi.llru removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
