Malware

About “Win64/Packed.VMProtect.LE” infection

Malware Removal

The Win64/Packed.VMProtect.LE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win64/Packed.VMProtect.LE virus can do?

  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect
  • Anomalous binary characteristics

How to determine Win64/Packed.VMProtect.LE?



File Info:

crc32: C16B6FFD
md5: 904d7bb3d5e04ba8d0a7bc4a01817db9
name: 904D7BB3D5E04BA8D0A7BC4A01817DB9.mlw
sha1: bc83c2cc60a58c7cee6dfb6aa502e2ecc5fcd662
sha256: f7e6624608baa448bc50289fb4450fc0def87d9e12f5ad9e8c8262837cdfbfd3
sha512: b3ae0bb7de70ba9cdc0933fc097a0132d81e574dfe1dd5d3a8beefb0fccba4d76f3d8e592edafdffde5a3132e64ac9e1a0bebf49287b991556143792d760ee28
ssdeep: 196608:c1q3YWcOjuWJuIMP8dDfkiGgcWKtDlX+6x3NhXTqil0kYZ7KeMl+:Aq3YvOaWJlMP8BfT3cWKhlXlNFVefM
type: PE32+ executable (GUI) x86-64 (stripped to external PDB), for MS Windows


Version Info:

0: [No Data]

Win64/Packed.VMProtect.LE also known as:

K7AntiVirusTrojan ( 0056c47c1 )
LionicTrojan.Win32.Wofith.4!c
DrWebTrojan.DownLoader41.30329
CynetMalicious (score: 100)
ALYacTrojan.GenericKD.37483387
CylanceUnsafe
SangforTrojan.Win32.Wofith.hfb
K7GWTrojan ( 0056c47c1 )
Cybereasonmalicious.c60a58
SymantecTrojan.Gen.2
ESET-NOD32a variant of Win64/Packed.VMProtect.LE
APEXMalicious
AvastWin64:Trojan-gen
KasperskyTrojan.Win32.Wofith.hfb
BitDefenderTrojan.GenericKD.37483387
MicroWorld-eScanTrojan.GenericKD.37483387
TencentWin32.Trojan.Wofith.Hqbl
Ad-AwareTrojan.GenericKD.37483387
SophosMal/Generic-S
ComodoMalware@#ugdb4aw2m0dw
McAfee-GW-EditionBehavesLike.Win64.Generic.rc
FireEyeGeneric.mg.904d7bb3d5e04ba8
EmsisoftTrojan.GenericKD.37483387 (B)
AviraTR/AD.PSLoader.maywq
KingsoftWin32.Troj.Wofith.h.(kcloud)
MicrosoftTrojan:Win32/Sabsik.FL.B!ml
GDataWin32.Trojan-Downloader.Generic.2PPS2C
McAfeeArtemis!904D7BB3D5E0
MAXmalware (ai score=85)
PandaTrj/CI.A
YandexTrojan.Wofith!/hYKTG0gkkQ
IkarusTrojan.Win64.Vmprotect
FortinetW32/PossibleThreat
AVGWin64:Trojan-gen
Paloaltogeneric.ml

How to remove Win64/Packed.VMProtect.LE?

Win64/Packed.VMProtect.LE removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment