Spy

Win64/Spy.Mekotio.P malicious file

Malware Removal

The Win64/Spy.Mekotio.P is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win64/Spy.Mekotio.P virus can do?

  • The binary likely contains encrypted or compressed data.
  • Anomalous binary characteristics

How to determine Win64/Spy.Mekotio.P?



File Info:

crc32: 784F8F88
md5: 4ea2c49920dfc1dbcc1ffb5a7300c441
name: 4EA2C49920DFC1DBCC1FFB5A7300C441.mlw
sha1: 01a1e816266a13a760a60bb00d047b14c8b35d01
sha256: 6ef0e93b9e0ddd5e3bbe36c5fdefa2dfd7a8d985fe36af2af5670b3671a1bd26
sha512: b21e203d6e1b74f752189c45ac56b6c4096fd44d44e0a498d936a816a97140dcd39939efaf9431a31cc54ea0a384e21cad95b7eed8905efd4b66107c06250207
ssdeep: 196608:hJ7In8fJaw8k9pDGOVSNatSyk8uwBtNf7lGGlswN27OZO5pBn:h+8fampDdshyk8hLG0gsOp
type: PE32+ executable (DLL) (GUI) x86-64, for MS Windows


Version Info:

ProgramID: com.embarcadero.VdXUorXB05Bdn
ProductName: VdXUorXB05Bdn
FileVersion: 1.0.0.0
ProductVersion: 1.0.0.0
FileDescription: VdXUorXB05Bdn
Translation: 0x0409 0x04e4

Win64/Spy.Mekotio.P also known as:

Elasticmalicious (high confidence)
DrWebTrojan.Mekotio.23
ALYacTrojan.Agent.FGHR
CrowdStrikewin/malicious_confidence_80% (W)
BitDefenderTrojan.Agent.FGHR
CyrenW64/Mekotio.H.gen!Eldorado
SymantecTrojan.Gen.MBT
ESET-NOD32a variant of Win64/Spy.Mekotio.P
APEXMalicious
AlibabaTrojanSpy:Win64/Mekotio.4d347b49
MicroWorld-eScanTrojan.Agent.FGHR
Ad-AwareTrojan.Agent.FGHR
McAfee-GW-EditionBehavesLike.Win64.Softcnapp.wc
FireEyeGeneric.mg.4ea2c49920dfc1db
EmsisoftTrojan.Agent.FGHR (B)
GridinsoftTrojan.Heur!.02296222
GDataTrojan.Agent.FGHR
AhnLab-V3Trojan/Win.Agent.R418241
McAfeeArtemis!4EA2C49920DF
MAXmalware (ai score=85)
MalwarebytesMalware.AI.4211687409
RisingSpyware.Mekotio!8.F5DF (CLOUD)
IkarusTrojan.Win64.Spy
FortinetW64/Mekotio.P!tr.spy

How to remove Win64/Spy.Mekotio.P?

Win64/Spy.Mekotio.P removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment