Win32/Packed.Molebox.K suspicious removal instruction

The Win32/Packed.Molebox.K suspicious is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Packed.Molebox.K suspicious virus can do?

Behavioural detection: Executable code extraction – unpacking
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine Win32/Packed.Molebox.K suspicious?


File Info:
name: D4AAD5B96D3062A5994D.mlw
path: /opt/CAPEv2/storage/binaries/2018631ee0e578207817ad055ea93af6c7c695299b4f278d3d82b8b5d64d586a
crc32: B65632AD
md5: d4aad5b96d3062a5994d8748bd00dcab
sha1: 1284f760dffa2e632c1383e35944aab0ee3194cd
sha256: 2018631ee0e578207817ad055ea93af6c7c695299b4f278d3d82b8b5d64d586a
sha512: 7989491337a8d0a0c3b6104836bd6ad5896c8a562a15b14bd0e062f9a11aea7a5ba44104ae455f8eb4123d459a76fde6890bced4d895a2bf6a0e1cf17dfe6c46
ssdeep: 6144:bG7ZinVW5GJZ2tNYLj8MfsKGqkYEFSxipEsnh0PSob/qx:67ZiVzYKj86smjCSxipBnuPSS8
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T196341377B7AA9BD4C9C1AD307B12367D8BF4BD45205A404B064DBC1B2CBA2DC857293E
sha3_384: 0f640e6991472d82e00ad40b9778e70736b3c6af14092eac83c03960fb6978c4ba6a64be95a38ff2e87e1e17f85bb2f6
ep_bytes: eb168b1500204700ff328f0500204700
timestamp: 1992-06-19 22:22:17

Version Info:
0: [No Data]

Win32/Packed.Molebox.K suspicious also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Generic.lqzM
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Trojan.Heur.pSW@rTrnZRd
ClamAV	Win.Trojan.Manbat-6915473-0
FireEye	Generic.mg.d4aad5b96d3062a5
ALYac	Gen:Trojan.Heur.pSW@rTrnZRd
Cylance	Unsafe
VIPRE	Gen:Trojan.Heur.pSW@rTrnZRd
Sangfor	Suspicious.Win32.Save.ins
K7AntiVirus	Trojan ( 7000000f1 )
Alibaba	RiskWare:Win32/PowerSpy.e0a5683b
K7GW	Trojan ( 7000000f1 )
CrowdStrike	win/malicious_confidence_90% (W)
Symantec	ML.Attribute.HighConfidence
tehtris	Generic.Malware
ESET-NOD32	a variant of Win32/Packed.Molebox.K suspicious
Zoner	Probably Heur.ExeHeaderL
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Trojan.Heur.pSW@rTrnZRd
NANO-Antivirus	Trojan.Win32.MWPM.omhrh
Avast	Win32:Evo-gen [Trj]
Rising	Trojan.Occamy!8.F1CD (TFE:1:kYFKtkSszTS)
Ad-Aware	Gen:Trojan.Heur.pSW@rTrnZRd
Emsisoft	Gen:Trojan.Heur.pSW@rTrnZRd (B)
Comodo	Malware@#1zdtha91el6zm
DrWeb	BackDoor.Bifrost.21167
Zillya	Backdoor.RBot.Win32.28024
McAfee-GW-Edition	BehavesLike.Win32.Backdoor.dc
Trapmine	malicious.high.ml.score
Sophos	Mal/Generic-R + Mal/Behav-043
SentinelOne	Static AI – Malicious PE
GData	Gen:Trojan.Heur.pSW@rTrnZRd
Jiangmin	Trojan/PSW.Dybalom.ath
Webroot	W32.Malware.Gen
Avira	TR/Crypt.MWPM.Gen
MAX	malware (ai score=100)
Antiy-AVL	Trojan/Generic.ASMalwS.31B6
Kingsoft	Win32.Troj.Generic.a.(kcloud)
Arcabit	Trojan.Heur.ECEA2C
ZoneAlarm	Packed.Multi.MultiPacked.gen
Microsoft	Trojan:Win32/Occamy.C20
Google	Detected
AhnLab-V3	Trojan/Win32.Injector.C83963
McAfee	Artemis!D4AAD5B96D30
VBA32	Backdoor.Bifrose
Malwarebytes	Generic.Trojan.Dropper.DDS
Tencent	Win32.Packed.Multipacked.Ctgl
Yandex	Riskware.Molebox!tjt+Tx8ldOw
Ikarus	Trojan-Dropper.SuspectCRC
MaxSecure	Trojan.Malware.3203891.susgen
Fortinet	W32/RBot.AVKY!tr.bdr
BitDefenderTheta	AI:Packer.83F8CBA21B
AVG	Win32:Evo-gen [Trj]
Cybereason	malicious.96d306

How to remove Win32/Packed.Molebox.K suspicious?

Win32/Packed.Molebox.K suspicious removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X