VHO:Backdoor.Win32.DarkKomet information

The VHO:Backdoor.Win32.DarkKomet is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What VHO:Backdoor.Win32.DarkKomet virus can do?

Executable code extraction
The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs

How to determine VHO:Backdoor.Win32.DarkKomet?


File Info:
crc32: 99454B41
md5: 4a8458abf94f8e841a63491c13c4e5e6
name: 4A8458ABF94F8E841A63491C13C4E5E6.mlw
sha1: 41672aa8abc161d278ac458720c80734743567bd
sha256: 1e0e2b4dcaaa111e9b7fb5c61dce142365a1fd001a2912a131ac32c2d8a4166e
sha512: d2a638272ae487152c80f070c23f096c68d81ee0a20460c163d10d6f584a27f7504c7376c1688a83fd8b7aed97127d02959d734bb8d1d9259d0e5f8a75e78d6c
ssdeep: 6144:LgJw3DgwoZfZJmCwUgAF9UxFemFQNntvJ5oeLpqaRCeoJQWYsa3CCpD0:kJ0DgwobICbvkxJs5Jaet9oJQWpC
type: MS-DOS executable, MZ for MS-DOS

Version Info:
Translation: 0x0409 0x04b0
InternalName: pron4ed
FileVersion: 1.00
CompanyName: Speedy
ProductName: pron5ac
ProductVersion: 1.00
OriginalFilename: pron4ed.exe

VHO:Backdoor.Win32.DarkKomet also known as:

Bkav	W32.AIDetect.malware1
Lionic	Trojan.Win32.Generic.lNH1
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
Cylance	Unsafe
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_70% (W)
Alibaba	Trojan:Win32/Refroso.c16b33c5
Cybereason	malicious.8abc16
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	FileRepMalware
Kaspersky	VHO:Backdoor.Win32.DarkKomet.gen
Sophos	Generic PUA EB (PUA)
McAfee-GW-Edition	BehavesLike.Win32.Generic.fc
FireEye	Generic.mg.4a8458abf94f8e84
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Microsoft	Trojan:Win32/Wacatac.B!ml
McAfee	Artemis!4A8458ABF94F
VBA32	Backdoor.DarkKomet
Yandex	Trojan.GenAsa!O3bYNF95XJ4
Ikarus	Trojan.Win32.Refroso
Fortinet	W32/PossibleThreat
AVG	FileRepMalware
Paloalto	generic.ml

How to remove VHO:Backdoor.Win32.DarkKomet?

VHO:Backdoor.Win32.DarkKomet removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X