Win32:AceCrypter-L [Cryp] removal guide

Win32:AceCrypter-L [Cryp] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:AceCrypter-L [Cryp] virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Enumerates the modules from a process (may be used to locate base addresses in process injection)
  • Authenticode signature is invalid

How to identify Win32:AceCrypter-L [Cryp]?

File Info:

name: F861BC43A6E870AF6417.mlw
path: /opt/CAPEv2/storage/binaries/84a695c40e9951655045e8e1380b579de6a5abff03c8937b164381620f3947a7
crc32: 90A2ADDB
md5: f861bc43a6e870af64178dd11f1ae0c9
sha1: c13ac36182d5e4ea1f269dce72c2660efc0c9215
sha256: 84a695c40e9951655045e8e1380b579de6a5abff03c8937b164381620f3947a7
sha512: f8754acdff772df53f6d049d158c14bf9f3831af66884329886e8e4b8389cd12b01f83c5cbf79f1989d484d19f84b9eee568cf28066391d3461e2a23ee9c4b92
ssdeep: 6144:N1vPJ3etnl/nAfanwZaNjoIqyYA0fDZ91:NhJ3Qnl/AynwYN0UgfDZ3
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19C74F154BAA0D073C94632B0482BC6BD5E3EBD62CB75C9C33B5617AE5E213D01A3639D
sha3_384: 2142967d721990962b684cb406b231c5b75b42de678008ca7e6ceb6178d1ff14532c71d616ae20d326594d3298274c9c
ep_bytes: e8483b0000e978feffffb810104100c3
timestamp: 2020-09-08 19:32:27

Version Info:

FileVersion: 21.29.11.69
InternationalName: pomgveoci.iwe
Copyright: Copyrighz (C) 2021, fudkorta
ProjectVersion: 1.10.70.57
Translations: 0x0127 0x03ca

Win32:AceCrypter-L [Cryp] also known as:

Bkav: W32.AIDetect.malware1
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.GenericKDZ.83319
FireEye: Generic.mg.f861bc43a6e870af
CAT-QuickHeal: Trojan.GenericPMF.S26571226
McAfee: Packed-GDT!F861BC43A6E8
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 003e58dd1 )
BitDefender: Trojan.GenericKDZ.83319
K7GW: Trojan ( 003e58dd1 )
CrowdStrike: win/malicious_confidence_100% (W)
Cyren: W32/Qbot.FK.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HOFA
APEX: Malicious
ClamAV: Win.Malware.Mikey-9917879-0
Kaspersky: HEUR:Trojan-Ransom.Win32.Stop.gen
Rising: Ransom.Stop!8.10810 (TFE:dGZlOgVj2Jm3gsXcXg)
Ad-Aware: Trojan.GenericKDZ.83319
Emsisoft: Trojan.Crypt (A)
Comodo: Malware@#2047phxcqpf07
DrWeb: Trojan.DownLoader44.29818
McAfee-GW-Edition: BehavesLike.Win32.Emotet.fh
Sophos: ML/PE-A + Mal/Agent-AWV
Ikarus: Trojan-Ransom.StopCrypt
Avira: TR/AD.GenSHCode.edpvz
Microsoft: Ransom:Win32/StopCrypt.PAT!MTB
Arcabit: Trojan.Generic.D14577
GData: Win32.Trojan.Agent.BDR
Cynet: Malicious (score: 100)
AhnLab-V3: Packed/Win.GDT.R469925
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34638.wq0@aCLrOimG
ALYac: Trojan.GenericKDZ.83319
MAX: malware (ai score=88)
VBA32: BScope.Exploit.ShellCode
Malwarebytes: Trojan.MalPack
Panda: Trj/Genetic.gen
Tencent: Trojan-ransom.Win32.Stop.16000284
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/GenericKDZ.6DF1!tr
AVG: Win32:AceCrypter-L [Cryp]
Cybereason: malicious.182d5e
Avast: Win32:AceCrypter-L [Cryp]

How to remove Win32:AceCrypter-L [Cryp]?

Win32:AceCrypter-L [Cryp] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.