
About “Barys.431091 (B)” infection


Barys.431091 (B) is flagged as malicious by nearly every engine in the vendor list below. "Gen:Variant.Barys" is the generic name that several of those engines report; others classify the same file as a Visual Basic worm (Vobfus, Changeup, VBNA). When this infection is active, you may notice unfamiliar processes in the Task Manager list. In that case, it is advisable to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and, if the wrong file or registry key is deleted, can damage the Windows installation. We recommend GridinSoft Anti-Malware for removal; the trial period allows a complete scan and cleanup of your PC.
6-day free trial available.

What can the Barys.431091 (B) virus do?

The following are the CAPEv2 sandbox signatures this sample triggered. They are behavioural detections observed during one sandbox run, not a complete analysis of the worm's capabilities:

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Barys.431091 (B)?

File Info:

name: A9810BEAC1DA29A606FB.mlw
path: /opt/CAPEv2/storage/binaries/5ab6b0703dad51fe5bb7c711cfaafd468572f99e06f639af1d43a33f7e5b301c
crc32: 2140C0E2
md5: a9810beac1da29a606fb200e706400c9
sha1: d1f166e07a4dd0fcf30a6756eb98b5324b31d217
sha256: 5ab6b0703dad51fe5bb7c711cfaafd468572f99e06f639af1d43a33f7e5b301c
sha512: 24aa99155e9ddf98d4a6346576cfaa95b715d83b0c8441c8786bbbc8813146d5b7b0abc157849be15b6b882e5f811ae3ca2f2cfbac1da3ebd040d34c6c02ed80
ssdeep: 6144:9ptf01DifkpJFhSpe/+Ij7NweeJEKlJ85eg/0ISDhfq:9pt8RisJXKIj3e6Rvd/
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T179242F54B38099BBF4B18DFAA7A50353009C5D38A9C57213F3C99B1A3579CE682707EB
sha3_384: 5f517cc89ccef77c1dd3465a6432033d714da6064e50720b2b563898be51a8685e5ef55870a089393e01511189055977
ep_bytes: 68d03d4000e8f0ffffff000000000000
timestamp: 2011-03-04 03:50:08 (PE header TimeDateStamp; trivially forged, so treat it as a weak indicator)

Version Info:

Translation: 0x0409 0x04b0
ProductName: ZSyPhNICRLuadOfCoF
FileVersion: 9.95
ProductVersion: 9.95
InternalName: lDGakgWn
OriginalFilename: lDGakgWn.exe
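
The hashes above are the practical indicators for this sample. The script below is an added example written for this page, not code from GridinSoft or from CAPE: it recomputes the same hash set a CAPE report prints (crc32, md5, sha1, sha256, sha512, sha3_384) for a file on disk and compares it against the values listed above, and it decodes the listed ep_bytes. The indicator values are copied from File Info; the test bytes are constructed. Reading the entry point as `push imm32; call rel32` and relating it to the Visual Basic 6 entry stub is my interpretation, consistent with the VB/VBNA/VBKrypt names in the vendor list below.

```python
"""Check a file against the Barys.431091 (B) indicators and decode its entry stub.

Added example for this page (not GridinSoft's or CAPE's code). Indicator values
are copied from the File Info section; any sample bytes used for testing are
constructed, not taken from the real binary.
"""
import hashlib
import struct
import zlib

# Indicators copied from the File Info section above.
BARYS_IOCS = {
    "crc32": "2140C0E2",
    "md5": "a9810beac1da29a606fb200e706400c9",
    "sha1": "d1f166e07a4dd0fcf30a6756eb98b5324b31d217",
    "sha256": "5ab6b0703dad51fe5bb7c711cfaafd468572f99e06f639af1d43a33f7e5b301c",
    "sha512": ("24aa99155e9ddf98d4a6346576cfaa95b715d83b0c8441c8786bbbc8813146d5"
               "b7b0abc157849be15b6b882e5f811ae3ca2f2cfbac1da3ebd040d34c6c02ed80"),
    "sha3_384": ("5f517cc89ccef77c1dd3465a6432033d714da6064e50720b2b563898be51a868"
                 "5e5ef55870a089393e01511189055977"),
}
EP_BYTES_HEX = "68d03d4000e8f0ffffff000000000000"


def hash_bytes(data: bytes) -> dict:
    """Return the hash set CAPE reports, formatted the way CAPE prints it."""
    return {
        # CAPE prints CRC32 as eight upper-case hex digits.
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }


def hash_file(path: str) -> dict:
    """Hash a file on disk; the sample is read fully (it is a few hundred KB)."""
    with open(path, "rb") as fh:
        return hash_bytes(fh.read())


def match_iocs(hashes: dict, iocs: dict = BARYS_IOCS) -> list:
    """Return the names of the indicators that match (case-insensitive compare)."""
    return [name for name, value in iocs.items()
            if hashes.get(name, "").lower() == value.lower()]


def decode_entry_stub(ep_hex: str) -> dict:
    """Decode a `push imm32; call rel32` entry stub (the shape of ep_bytes above).

    68 <imm32> pushes a 32-bit immediate; E8 <rel32> is a near call whose
    displacement is relative to the end of the 5-byte call instruction, i.e.
    to offset 10 from the entry point. A Visual Basic 6 executable starts
    exactly like this: it pushes the address of its VB project header and
    calls the runtime's ThunRTMain through an import thunk. My interpretation,
    consistent with the VB-family detection names in the vendor list.
    """
    ep = bytes.fromhex(ep_hex)
    if len(ep) < 10 or ep[0] != 0x68 or ep[5] != 0xE8:
        return {"vb6_style_stub": False}
    pushed = struct.unpack_from("<I", ep, 1)[0]
    rel = struct.unpack_from("<i", ep, 6)[0]
    return {
        "vb6_style_stub": True,
        "pushed_imm32": pushed,            # address handed to the runtime
        "call_rel32": rel,
        # Where the call lands, as an offset from the entry point itself.
        "call_target_offset_from_ep": 10 + rel,
    }


if __name__ == "__main__":
    import sys
    print(decode_entry_stub(EP_BYTES_HEX))
    for path in sys.argv[1:]:
        print(path, match_iocs(hash_file(path)) or "no indicator match")
```

For the ep_bytes listed above the decoder reports a push of 0x00403DD0 and a call whose target lies 6 bytes before the entry point; in VB6 binaries that is where the 6-byte `jmp [ThunRTMain]` import thunk sits, so the layout fits the VB worm classification. Note that a match on any one of these hashes identifies only this exact file: the family is polymorphic (several vendors name it a crypter/obfuscator), so other samples of the same worm will not match and require behavioural detection.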

Barys.431091 (B) is also known as (vendor: detection name):

Lionic: Worm.Win32.WBNA.loaR
MicroWorld-eScan: Gen:Variant.Barys.431091
FireEye: Generic.mg.a9810beac1da29a6
CAT-QuickHeal: Worm.VbnaVMF.S19741000
ALYac: Gen:Variant.Barys.431091
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Worm.VBNA.Win32.1455444
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: NetWorm ( 700000151 )
Alibaba: Worm:Win32/Vobfus.c146ac97
K7GW: NetWorm ( 700000151 )
Cybereason: malicious.ac1da2
Arcabit: Trojan.Barys.D693F3
BitDefenderTheta: AI:Packer.D001F01920
VirIT: Worm.Win32.VBNA.ARXW
Cyren: W32/Vobfus.P.gen!Eldorado
Symantec: W32.Changeup
Elastic: malicious (high confidence)
ESET-NOD32: Win32/AutoRun.VB.ABZ
APEX: Malicious
ClamAV: Win.Trojan.Changeup-6169544-0
Kaspersky: Worm.Win32.VBNA.arxw
BitDefender: Gen:Variant.Barys.431091
NANO-Antivirus: Trojan.Win32.VB.cojabz
SUPERAntiSpyware: Trojan.Agent/Gen-ZBot
Avast: Win32:VB-RUG [Wrm]
Tencent: Malware.Win32.Gencirc.13c38002
Emsisoft: Gen:Variant.Barys.431091 (B)
Baidu: Win32.Worm.VB.tn
F-Secure: Trojan.TR/Kazy.14392.19
DrWeb: Trojan.VbCrypt.60
VIPRE: Gen:Variant.Barys.431091
TrendMicro: WORM_VBNA.SMTJ
McAfee-GW-Edition: BehavesLike.Win32.Generic.dm
Sophos: Mal/SillyFDC-M
SentinelOne: Static AI – Suspicious PE
Google: Detected
Avira: TR/Kazy.14392.19
Antiy-AVL: Worm/Win32.WBNA.gen
Microsoft: Worm:Win32/Vobfus.gen!F
ZoneAlarm: Worm.Win32.VBNA.arxw
GData: Gen:Variant.Barys.431091
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.VBKrypt.R3426
McAfee: VBObfus.g
MAX: malware (ai score=83)
VBA32: Trojan.VB.01301
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: WORM_VBNA.SMTJ
Rising: Worm.Autorun!8.50 (TFE:3:EBRTs3XFnC)
Yandex: Trojan.GenAsa!39zTfSj+If8
Ikarus: Trojan.Win32.Genome
Fortinet: W32/VBKrypt.CA!tr
AVG: Win32:VB-RUG [Wrm]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Barys.431091 (B)?

Barys.431091 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the affected browser and the desired options, then click “Reset”.
  • Restart your computer.

Several of the detection names above (Win32/AutoRun.VB, Mal/SillyFDC-M, Worm.Autorun) classify this family as a removable-drive worm, so also scan any USB drives that were attached to the infected machine before connecting them to another computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
