Malware

Barys.387350 (B) (file analysis)

Malware Removal

Barys.387350 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Barys.387350 (B) virus do?

  • Unconventional binary language: Chinese (Simplified)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Barys.387350 (B)?

File Info:

name: 9BC74E980699B1E48CD0.mlw
path: /opt/CAPEv2/storage/binaries/14c05f6624779e935ddaccb26f6fc1afaceaab7d92dc8c726cfcdd01bee3a3d9
crc32: B69FDD90
md5: 9bc74e980699b1e48cd0477072a0f480
sha1: 0d800cd4921ff468a8b99c7e7572ca13b6c6a7ab
sha256: 14c05f6624779e935ddaccb26f6fc1afaceaab7d92dc8c726cfcdd01bee3a3d9
sha512: 0c7bc13a74354a5209e978db8067900537f54a5cef1ca2bc77000822450fd093a5d80c55e018bf43547b2f99308b7bdfb2cf3f2958af2a620ed254352cc20fc9
ssdeep: 24576:VougiTmXX3ueZ0hg9d8UGFKGjvKk+h+8fEvdDrGnrdEROGHOh+Bo1scC/hRJHOh:VougfesefQEvdDqnroHO1sBHO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A1C5F122FF81C77AD4322A7A8C17DF959536BD601D34A86737ED3F0D0EB92843A19192
sha3_384: 85e0c44f2f877ed63cbce327e96888c56df6e46b4c2d7013c2ce9a9cd4e543d69e2a3a70cdcdb4ea749ab021a76b8860
ep_bytes: 558becb90a0000006a006a004975f953
timestamp: 2019-01-01 12:39:16

Version Info:

CompanyName: 178网游工作室
FileDescription: 商业程序
InternalName: LoginTools.exe
LegalCopyright: 版权所有 (C) 2010
OriginalFilename: LoginTools.exe
ProductName: 商业程序
ProductVersion: 1, 0, 0, 0
FileVersion: 1,0,0,0
Translation: 0x0804 0x03a8

Barys.387350 (B) also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Zusy.4!c
MicroWorld-eScan: Gen:Variant.Barys.387350
FireEye: Generic.mg.9bc74e980699b1e4
Skyhigh: BehavesLike.Win32.Backdoor.vh
ALYac: Gen:Variant.Barys.387350
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Tool.GameTool.Win32.345
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Riskware ( 004f8ab61 )
Alibaba: RiskWare:Win32/Generic.43ae0ae3
K7GW: Riskware ( 004f8ab61 )
Cybereason: malicious.4921ff
Arcabit: Trojan.Barys.D5E916
VirIT: Backdoor.Win32.BlackHole.DCIX
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/RiskWare.GameTool.S
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packed.Zusy-9953138-0
BitDefender: Gen:Variant.Barys.387350
NANO-Antivirus: Trojan.Win32.BlackHole.fmkybw
Avast: Win32:TrojanX-gen [Trj]
Tencent: Riskware.Win32.Gametool.16000715
Emsisoft: Gen:Variant.Barys.387350 (B)
F-Secure: Heuristic.HEUR/AGEN.1324621
DrWeb: BackDoor.BlackHole.54311
VIPRE: Gen:Variant.Barys.387350
Trapmine: malicious.moderate.ml.score
Sophos: Mal/Generic-S
Ikarus: Trojan-Spy.Lmir
Jiangmin: Trojan.Generic.gwkzf
Varist: W32/Legendmir.O.gen!Eldorado
Avira: HEUR/AGEN.1324621
Antiy-AVL: Trojan[PSW]/Win32.Lmir
Xcitium: Application.Win32.Gametool.S@82mesl
Microsoft: PWS:Win32/Lmir
GData: Win32.Trojan.PSE.10SL7FA
Google: Detected
AhnLab-V3: Malware/Win32.RL_Generic.R361703
McAfee: GenericRXGA-BH!9BC74E980699
MAX: malware (ai score=86)
VBA32: TScope.Trojan.Delf
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Malware.Lmir!8.E96A (TFE:4:O3SmxUSLvmB)
Yandex: Trojan.GenAsa!q20EZOu1gCk
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.9955842.susgen
Fortinet: Riskware/GameTool
BitDefenderTheta: AI:Packer.C6B1A80219
AVG: Win32:TrojanX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Barys.387350 (B)?

Barys.387350 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.