Barys.336639 removal

Barys.336639 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Barys.336639 virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Barys.336639?


File Info:

name: 4E4316D15D0C2D50CE28.mlw
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2022-09-05 00:01:37

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Displays NIC MAC information
FileVersion: 10.0.19041.1 (WinBuild.160101.0800)
InternalName: GetMac.exe
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: GetMac.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1
Translation: 0x0409 0x04b0

Barys.336639 is also known as:

DrWeb: BackDoor.DarkCrystalNET.18
MicroWorld-eScan: Gen:Variant.Barys.336639
FireEye: Generic.mg.4e4316d15d0c2d50
ALYac: Gen:Variant.Barys.336639
Cylance: Unsafe
K7AntiVirus: Trojan ( 005979b31 )
K7GW: Trojan ( 005979b31 )
Cybereason: malicious.63af06
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/GenKryptik.FZNB
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Barys.336639
Avast: Win32:Trojan-gen
Ad-Aware: Gen:Variant.Barys.336639
VIPRE: Gen:Variant.Babar.96711
McAfee-GW-Edition: Artemis!Trojan
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Barys.336639 (B)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Variant.Barys.336639
Antiy-AVL: Trojan/Generic.ASMalwS.5123
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
MAX: malware (ai score=81)
VBA32: BScope.TrojanDownloader.Private
Malwarebytes: Trojan.Dropper
Rising: Trojan.Kryptik!8.8 (TFE:5:ghi3DcAZflQ)
Fortinet: W32/DotNetPacker.A!tr
AVG: Win32:Trojan-gen

How to remove Barys.336639?

Barys.336639 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
