Barys.323402 information

The Barys.323402 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Barys.323402 virus can do?

Sample contains Overlay data
Unconventionial language used in binary resources: Korean
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Barys.323402?


File Info:
name: 555DE3CE1457F5F20259.mlw
path: /opt/CAPEv2/storage/binaries/b5ec6f43e7dbde04210d6467297d3f029adfd59c924d44d0dbbee509fe939992
crc32: 429130A3
md5: 555de3ce1457f5f202598c6fd76eece5
sha1: fd64895ded3d0f1e8bb893625003563855714deb
sha256: b5ec6f43e7dbde04210d6467297d3f029adfd59c924d44d0dbbee509fe939992
sha512: 3e1538bc55bc953e6e9e3eab23431fe3abf2ba965072ed3b71b95a46cb41384855de30ce9b55dd365dd3084d8c423a7375242c69cc19063e6fa95f36cfa05b6c
ssdeep: 24576:N7eHDZkTqiKgi00000000000000000000000000000000000000000000000000t:NiHuG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15866F8017B9C984AD52DEE365931D7625B3AFCC6E92602C735B73F1BBA372900A41E43
sha3_384: 32f57a7dd9e1da841557569fcb64c3b08432fa9e757799649459a840b45dd17643961b24ef16f7a6cfffd9ad80ad5ae2
ep_bytes: 8bff558bece826c90000e8110000005d
timestamp: 2021-12-13 08:25:27

Version Info:
Translations: 0x0164 0x0365

Barys.323402 also known as:

Bkav	W32.AIDetect.malware2
MicroWorld-eScan	Gen:Variant.Barys.323402
McAfee	Packed-GEE!555DE3CE1457
VIPRE	Gen:Variant.Barys.323402
Sangfor	Trojan.Win32.Save.a
Cybereason	malicious.ded3d0
Elastic	malicious (high confidence)
ClamAV	Win.Packed.Crypterx-9954995-0
BitDefender	Gen:Variant.Barys.323402
Ad-Aware	Gen:Variant.Barys.323402
Emsisoft	Gen:Variant.Barys.323402 (B)
TrendMicro	Ransom.Win32.STOP.SMYXBFX.hp
McAfee-GW-Edition	BehavesLike.Win32.Autorun.vm
SentinelOne	Static AI – Malicious PE
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.555de3ce1457f5f2
Sophos	ML/PE-A
Ikarus	Trojan-Ransom.StopCrypt
GData	Gen:Variant.Barys.323402
Google	Detected
Microsoft	Ransom:Win32/StopCrypt.SLK!MTB
Cynet	Malicious (score: 100)
VBA32	BScope.Trojan.Wacatac
ALYac	Gen:Variant.Barys.323402
MAX	malware (ai score=87)
APEX	Malicious
Rising	Malware.Obscure!1.A3BB (CLASSIC)
MaxSecure	Trojan.Malware.121218.susgen
Panda	Trj/Genetic.gen
CrowdStrike	win/malicious_confidence_70% (D)

How to remove Barys.323402?

Barys.323402 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X