Barys.315849 (B) removal tips

Barys.315849 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What Barys.315849 (B) virus can do?

  • The binary contains an unknown PE section name indicative of packing.
  • The binary likely contains encrypted or compressed data.
  • The executable is likely packed with VMProtect.
  • The Authenticode signature is invalid.
  • Binary compilation timestomping detected.

How to identify Barys.315849 (B)?

File Info:

name: 4310B9E49E4EE02C53F6.mlw
path: /opt/CAPEv2/storage/binaries/4ef6e95518c0bb5f45d6472ba38b05da8bd4621c7f7b2a4cc1632c1de601fd0e
crc32: D1C095DE
md5: 4310b9e49e4ee02c53f65ef4e9c4bd4e
sha1: 66662c8ec7d32f8c39448b25087585a20ec1c02f
sha256: 4ef6e95518c0bb5f45d6472ba38b05da8bd4621c7f7b2a4cc1632c1de601fd0e
sha512: 7ed0f6d072e78dab5e08bfe8fd49c29c2bb208ef109fece111700c4f2682c6149e90a4329c4346b2f9d02a314d1e2302d7f1dceea6334cdef10f40a118e4b318
ssdeep: 6144:gWdfra8AH8Fn27fvPS6O3M+7T9kb0gpsemfHEsMU:gOfrcHnnfOJ7T9kbBsemfHb9
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T10B44BE387FDC5046C3E913B9A4B200A096F0A6A1F953F7EB664D9AF1A9673D54C2430F
sha3_384: 0c20dc88b52fb2f285f28122c47c24c8aba0d5c34bfd54383ee2d13a4e19ebb55d9a3701f57dae89e408e788106264dd
ep_bytes: ff2500e04200007e22fc200ccf687071
timestamp: 2074-08-03 06:42:31

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: SharpMonoInjector.Console
FileVersion: 1.0.0.0
InternalName: smi.exe
LegalCopyright: Copyright © 2019
LegalTrademarks:
OriginalFilename: smi.exe
ProductName: SharpMonoInjector.Console
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Barys.315849 (B) is also known as (vendor: detection name):

Bkav: W32.AIDetectNet.01
MicroWorld-eScan: Gen:Variant.Barys.315849
FireEye: Generic.mg.4310b9e49e4ee02c
ALYac: Gen:Variant.Barys.315849
Cylance: Unsafe
VIPRE: Gen:Variant.Barys.315849
Sangfor: Virus.Win32.Save.a
K7AntiVirus: Trojan ( 7000001c1 )
K7GW: Trojan ( 7000001c1 )
Cybereason: malicious.49e4ee
BitDefenderTheta: Gen:NN.ZemsilF.34606.qu0@aGdwgud
Cyren: W32/MSIL_Kryptik.CRG.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Packed.VMProtect.B
APEX: Malicious
BitDefender: Gen:Variant.Barys.315849
Avast: Win32:Evo-gen [Susp]
Ad-Aware: Gen:Variant.Barys.315849
Emsisoft: Gen:Variant.Barys.315849 (B)
McAfee-GW-Edition: BehavesLike.Win32.Ramnit.dc
Sophos: Mal/VMProtBad-A
SentinelOne: Static AI – Malicious PE
Google: Detected
Avira: HEUR/AGEN.1226416
Microsoft: Trojan:Win32/Wacatac.B!ml
GData: Gen:Variant.Barys.315849
Cynet: Malicious (score: 100)
Acronis: suspicious
MAX: malware (ai score=84)
Malwarebytes: Malware.Heuristic.1003
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:8/12k/AQePlrni+qWh8fLQ)
Ikarus: Trojan.MSIL.Vmprotect
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:Evo-gen [Susp]
CrowdStrike: win/malicious_confidence_70% (D)

How to remove Barys.315849 (B)?

Barys.315849 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.