Categories: Malware

Barys.432014 (file analysis)

The Barys.432014 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Barys.432014 virus can do?

Unconventionial language used in binary resources: Russian
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Executable file is packed/obfuscated with Themida
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Barys.432014?


File Info:
name: 9289EF886397991CD14C.mlwpath: /opt/CAPEv2/storage/binaries/a6a8057d749e0bbff0fff30aee85b56da271d928e438b1b6c2801006b0407f55crc32: 70E0AEDAmd5: 9289ef886397991cd14c6702a4dded05sha1: f05cbf069793e19c791c76536aa3032df4bff5fasha256: a6a8057d749e0bbff0fff30aee85b56da271d928e438b1b6c2801006b0407f55sha512: 7a464ed096a12772cf5c84bd996bd349d5dfb2db4cda634c8e334db145b8cf463bf38f9934b2207fbcc1bd46855ca72c8d08def5195ee21ee394052ace58d49cssdeep: 98304:1egyB8DGqebL6WqSa63DbYHhrdF1cJ+bpZWZgQiZg8atxYO+eVkeuTQeJasjQ1v:TZwKWofdPwWjDQiSHJVkeu8ew51vtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1B466338750806FC3CBB093372D568104822AFD75CE462225B15F7FA6427658EDFF8BA9sha3_384: 61d2b9a360a1252b911a60dfa9e0231be6ddbfb17395e97c659ee76bb92055ad6daff0d39bae43b621d4a3532199cc9eep_bytes: e84b0100005389e3538b73088b7b10fctimestamp: 2021-10-21 10:04:14
Version Info:
Comments: CompanyName: FileDescription: Devfoam Applicatione MFCFileVersion: 1, 0, 0, 1InternalName: DevFoamLegalCopyright: Авторские права (C) 2005LegalTrademarks: OriginalFilename: DevFoam.EXEPrivateBuild: ProductName: Devfoam ApplicationeProductVersion: 1, 0, 0, 1SpecialBuild: Translation: 0x0019 0x04e3

Barys.432014 also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Variant.Barys.432014
FireEye	Generic.mg.9289ef886397991c
Skyhigh	BehavesLike.Win32.Generic.vc
McAfee	Artemis!9289EF886397
Malwarebytes	Generic.Malware/Suspicious
Cybereason	malicious.69793e
Elastic	malicious (moderate confidence)
APEX	Malicious
BitDefender	Gen:Variant.Barys.432014
NANO-Antivirus	Virus.Win32.Gen-Crypt.ccnc
Emsisoft	Gen:Variant.Barys.432014 (B)
VIPRE	Gen:Variant.Barys.432014
Trapmine	malicious.moderate.ml.score
SentinelOne	Static AI – Suspicious PE
MAX	malware (ai score=87)
Antiy-AVL	GrayWare/Win32.Wacapew
Arcabit	Trojan.Barys.D6978E
GData	Gen:Variant.Barys.432014
Google	Detected
ALYac	Gen:Variant.Barys.432014
Cylance	unsafe
Zoner	Probably Heur.ExeHeaderL
TrendMicro-HouseCall	TROJ_GEN.R002H09J923
Rising	Trojan.Generic@AI.100 (RDML:JV24L2czZBLzdndkGcyTvA)
Ikarus	Trojan.Win32.Krypt
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_70% (W)