VirTool:Win32/Obfuscator.GE removal

VirTool:Win32/Obfuscator.GE is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the VirTool:Win32/Obfuscator.GE virus do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventional binary language: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify VirTool:Win32/Obfuscator.GE?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

FileVersion: 1.2.3.10
CompanyName: 凤凰工作室
Comments: 灰鸽子远程管理
ProductVersion: 1.2.3.0
FileDescription: 凤凰工作室
OriginalFilename: H_Client.exe
Translation: 0x0804 0x03a8

VirTool:Win32/Obfuscator.GE also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.Packed.551
Cynet: Malicious (score: 100)
ALYac: Gen:Trojan.Heur.GM.1400850800
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Cybereason: malicious.05e955
Cyren: W32/SuspPack.AC.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.NIC
APEX: Malicious
Avast: Win32:Evo-gen [Susp]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Trojan.Heur.GM.1400850800
MicroWorld-eScan: Gen:Trojan.Heur.GM.1400850800
Ad-Aware: Gen:Trojan.Heur.GM.1400850800
Sophos: Mal/Generic-R
Comodo: Packed.Win32.MUPX.Gen@24tbus
BitDefenderTheta: AI:Packer.755E44071D
VIPRE: VirTool.Win32.Obfuscator.nm (v)
TrendMicro: TROJ_GEN.R005C0DF721
McAfee-GW-Edition: BehavesLike.Win32.Sytro.bt
FireEye: Generic.mg.b45e45f05e9555a1
Emsisoft: Gen:Trojan.Heur.GM.1400850800 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Heur:Backdoor/Huigezi
Avira: BDS/Hupigon.Gen
eGambit: Unsafe.AI_Score_97%
Microsoft: VirTool:Win32/Obfuscator.GE
Arcabit: Trojan.Heur.GM.D537F4970
GData: Gen:Trojan.Heur.GM.1400850800
AhnLab-V3: Backdoor/Win32.Hupigon.R839
Acronis: suspicious
McAfee: BackDoor-AWQ.gen.r
MAX: malware (ai score=88)
VBA32: Trojan-Downloader.HangMao
Malwarebytes: Malware.AI.747942345
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_GEN.R005C0DF721
Rising: Malware.Heuristic!ET#100% (RDMK:cmRtazpgRP5Hl4hLjnn9yCJvs7LY)
Yandex: Trojan.Hupigon.Gen!Pac.6
Ikarus: Trojan-Dropper.Win32.Hupigon
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.KYT!tr
AVG: Win32:Evo-gen [Susp]

How to remove VirTool:Win32/Obfuscator.GE?

VirTool:Win32/Obfuscator.GE removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.