
What is “Barys.431369”?


Barys.431369 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Barys.431369 virus do?

  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Anomalous binary characteristics

How to identify Barys.431369?


File Info:

name: CA01E65A54B8AF8360D0.mlw
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2023-05-12 14:54:58

Version Info:

Translation: 0x0000 0x04b0
FileDescription:
FileVersion: 0.0.0.0
InternalName: lfspt50j.dll
LegalCopyright:
OriginalFilename: lfspt50j.dll
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Barys.431369 is also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.InjectNET.14
MicroWorld-eScan: Gen:Variant.Barys.431369
FireEye: Generic.mg.ca01e65a54b8af83
ALYac: Gen:Variant.Barys.431369
Malwarebytes: Trojan.Injector.Generic
Sangfor: Trojan.Win32.Save.a
Cybereason: malicious.9aa6b2
Cyren: W64/MSIL_Tiny.AF.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Injector.VRP
APEX: Malicious
Kaspersky: HEUR:Trojan.MSIL.Inject.gen
BitDefender: Gen:Variant.Barys.431369
Avast: Win64:InjectorX-gen [Trj]
Tencent: Trojan.MSIL.Inject.16000647
Emsisoft: Gen:Variant.Barys.431369 (B)
F-Secure: Heuristic.HEUR/AGEN.1313922
VIPRE: Gen:Variant.Barys.431369
McAfee-GW-Edition: Artemis
Trapmine: suspicious.low.ml.score
Sophos: Mal/MSIL-VK
SentinelOne: Static AI – Malicious PE
Google: Detected
Avira: HEUR/AGEN.1313922
MAX: malware (ai score=82)
Arcabit: Trojan.Barys.D69509
ZoneAlarm: HEUR:Trojan.MSIL.Inject.gen
GData: Gen:Variant.Barys.431369
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C5384769
Acronis: suspicious
McAfee: Artemis!CA01E65A54B8
Ikarus: Trojan.MSIL.Injector
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Injector.VOE!tr
AVG: Win64:InjectorX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Barys.431369?

Barys.431369 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
