Backdoor

Backdoor.Win32.VB.bnv information

Malware Removal

The Backdoor.Win32.VB.bnv is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Backdoor.Win32.VB.bnv virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Uses suspicious command line tools or Windows utilities

How to determine Backdoor.Win32.VB.bnv?



File Info:

name: 1BDD69A852996E43B501.mlw
path: /opt/CAPEv2/storage/binaries/84ec892de3f3e4728e552c77b740544b78dbd1bfa34e2a8800bff3d1045ec276
crc32: FA8F0B09
md5: 1bdd69a852996e43b501c41be2d79060
sha1: 5740fe412c8faae841ec1b630ebc4823a70bdcc8
sha256: 84ec892de3f3e4728e552c77b740544b78dbd1bfa34e2a8800bff3d1045ec276
sha512: 4c15f1979d1a37994d1850d050dddbd85a2bf61e17712a6634614d9c66fe29376fbd97a3662b297ed13156e40e89c12822b1b983205daf8ffe7de51766612d78
ssdeep: 3072:OE9j8b3ZXgKC1hX//iASOXRJzDOD26j/3Dc89:OEebiKuX//iZOXRJ3OD26jL9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D2C30923FA94701ED553C9F1283A56693C1A7D390BE0AD8776C16E452A72683F8F231F
sha3_384: 5a89dea9cdea4b7e808d5c5a3005c4da6e3c1f14a1a09eec314202c710069874205f735b4d53adec477d7c7f8189aaa9
ep_bytes: 687c344000e8f0ffffff000000000000
timestamp: 2007-06-30 00:14:28


Version Info:

CompanyName: Microsoft Corporation
FileDescription: Windows NT Session Manager
FileVersion: 5.1.2600.2180 (xpsp_sp2_rtm.040803-2158)
InternalName: smss.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: smss.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 5.1.2600.2180
Translation: 0x0409 0x04b0

Backdoor.Win32.VB.bnv also known as:

BkavW32.AIDetectMalware
DrWebTrojan.MulDrop3.21106
MicroWorld-eScanTrojan.GenericKD.49418307
ClamAVWin.Trojan.Backdoorx-9955014-0
CAT-QuickHealBackdoor.AgentVMF.S28819259
McAfeeGenericRXUW-JQ!1BDD69A85299
MalwarebytesGeneric.Malware.AI.DDS
ZillyaBackdoor.VB.Win32.10400
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 0059c7f01 )
K7GWTrojan ( 0059c7f01 )
Cybereasonmalicious.852996
BitDefenderThetaGen:NN.ZevbaF.36250.hm1@aid74Lhi
CyrenW32/VB.XI.gen!Eldorado
SymantecBackdoor.Trojan
Elasticmalicious (high confidence)
ESET-NOD32a variant of Win32/VB.NMD
APEXMalicious
CynetMalicious (score: 100)
KasperskyBackdoor.Win32.VB.bnv
BitDefenderTrojan.GenericKD.49418307
NANO-AntivirusTrojan.Win32.VB.jttyju
ViRobotBackdoor.Win32.A.VB.118784.B
AvastWin32:BackdoorX-gen [Trj]
TencentTrojan.Win32.Backdoor.zk
EmsisoftTrojan.GenericKD.49418307 (B)
F-SecureTrojan.TR/Dropper.Gen
VIPRETrojan.GenericKD.49418307
McAfee-GW-EditionBehavesLike.Win32.Generic.cm
Trapminemalicious.moderate.ml.score
FireEyeGeneric.mg.1bdd69a852996e43
SophosTroj/VB-LEB
SentinelOneStatic AI – Suspicious PE
JiangminBackdoor.VB.co
AviraTR/Dropper.Gen
Antiy-AVLTrojan[Backdoor]/Win32.VB
MicrosoftTrojan:Win32/Comame!gmb
ArcabitTrojan.Generic.D2F21043
ZoneAlarmBackdoor.Win32.VB.bnv
GDataTrojan.GenericKD.49418307
GoogleDetected
AhnLab-V3Backdoor/Win.VB.R523913
VBA32Backdoor.VB
ALYacTrojan.GenericKD.49418307
MAXmalware (ai score=81)
Cylanceunsafe
PandaTrj/Genetic.gen
RisingBackdoor.VB!8.32C (TFE:3:w0Ck1d6OW1V)
YandexTrojan.GenAsa!GPjPD8Wqigw
IkarusBackdoor.Win32.VB
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/VB.NMD!tr
AVGWin32:BackdoorX-gen [Trj]
DeepInstinctMALICIOUS
CrowdStrikewin/malicious_confidence_100% (D)

How to remove Backdoor.Win32.VB.bnv?

Backdoor.Win32.VB.bnv removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment