Virus:Win32/Invictus.B removal tips

The Virus:Win32/Invictus.B is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Virus:Win32/Invictus.B virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Binary compilation timestomping detected

How to determine Virus:Win32/Invictus.B?


File Info:
name: 6DFEE0DC19B20C4064AA.mlw
path: /opt/CAPEv2/storage/binaries/69d0b009ca29162237a0243406d52ed98c363c459e22017c65d5fb71e833987e
crc32: 4F897086
md5: 6dfee0dc19b20c4064aa278cc3bc2d30
sha1: 9c0e3e4d989bf2513a2df54b9127b9611e04244b
sha256: 69d0b009ca29162237a0243406d52ed98c363c459e22017c65d5fb71e833987e
sha512: c933f9b0e8c92980350425967784cfb28b5ea3db38099cd8b6e4fa4a7a5197b567280a20279835208c5e4760c0c105be797fff819085f8c60da13bdeee951dc7
ssdeep: 384:HFmQbkdcTM+mEynxODXBjZYFnfMBjDE3UDp:cBeM+mEyxODVZYtfMBjDE3U
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T16D725B0A94C002F1E8540A3818FF4973FA7976B581AD9CD4F37C2A1D1B396E6978B61A
sha3_384: b3f21bf640e1b9b0f807891b4aa39a125f998524d938222c3a83cd06bb857f98c03ef3c28500962403aa57156a6ce89b
ep_bytes: c8000000837d0c01751be8200e000083
timestamp: 2029-11-29 15:11:41

Version Info:
0: [No Data]

Virus:Win32/Invictus.B also known as:

Lionic	Virus.Win32.InvictusDLL.n!c
tehtris	Generic.Malware
DrWeb	Win32.Invictus.18432
MicroWorld-eScan	DeepScan:Generic.PWStealer.4.61DAAC16
CMC	Generic.Win32.6dfee0dc19!MD
Skyhigh	BehavesLike.Win32.Generic.lm
McAfee	W32/Invictus.dll
VIPRE	DeepScan:Generic.PWStealer.4.61DAAC16
Sangfor	Suspicious.Win32.Save.a
Alibaba	Virus:Win32/InvictusDLL.f863c32f
CrowdStrike	win/malicious_confidence_100% (D)
BitDefenderTheta	AI:Packer.8CCE543523
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ClamAV	Win.Trojan.InvictusDLL-1
Kaspersky	Virus.Win32.InvictusDLL.201.b
BitDefender	DeepScan:Generic.PWStealer.4.61DAAC16
NANO-Antivirus	Virus.Win32.InvictusDLL.bnce
Avast	Win32:Invictus-G@dll
Emsisoft	DeepScan:Generic.PWStealer.4.61DAAC16 (B)
Zillya	Virus.InvictusDLL.Win32.20
FireEye	Generic.mg.6dfee0dc19b20c40
Sophos	W32/INVICTUS-A
SentinelOne	Static AI – Malicious PE
MAX	malware (ai score=100)
GData	DeepScan:Generic.PWStealer.4.61DAAC16
Google	Detected
Kingsoft	malware.kb.a.1000
Xcitium	Malware@#1f6fhp0oza83d
Arcabit	DeepScan:Generic.PWStealer.4.61DAAC16
ZoneAlarm	Virus.Win32.InvictusDLL.201.b
Microsoft	Virus:Win32/Invictus.B
Cynet	Malicious (score: 100)
VBA32	SScope.Virus.InvictusDLL.201.b
ALYac	DeepScan:Generic.PWStealer.4.61DAAC16
Cylance	unsafe
Rising	Malware.Undefined!8.C (TFE:1:AipM1JAw2WR)
Ikarus	Virus.Win32.InvictusDLL
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Invictus.A
AVG	Win32:Invictus-G@dll
DeepInstinct	MALICIOUS

How to remove Virus:Win32/Invictus.B?

Virus:Win32/Invictus.B removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X