What is “Barys.54851”?

Barys.54851 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Barys.54851 virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Tries to unhook or modify Windows functions monitored by Cuckoo
  • Anomalous binary characteristics

How to identify Barys.54851?


File Info:

crc32: CD2E4E04
md5: 7f1b6809e22a7798d7e008cdfab5711a
name: 7F1B6809E22A7798D7E008CDFAB5711A.mlw
sha1: 4daedabd954fb0f3c6ffe70e6e17e0cf6837a45d
sha256: 1e35d745a276dfea2b146a9b71d116725a111bb0fbc6da076ffae2759213dce6
sha512: 8e1957c44ebbc60472c46b32e9e8aaa1b21846224930ab36370bdc6b56943dc5dcdfa92661f9e544e985d316758dc2314a2a567a052113fb63e150ef9ffb939e
ssdeep: 6144:sIofVkVsanFft9Y5hclqbEi1Awvnp1pnKKSguioWAciLbuT:ctKftO5hcl3iRvp1pnKMWcim
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: K Software
InternalName:
CompanyName: K Software
LegalTrademarks:
Comments:
ProductName: kSign
ProductVersion: 1.0.0.0
FileDescription: kSign - The Easy Code Signing Utility
OriginalFilename:
Translation: 0x0409 0x04e4

Barys.54851 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Barys.54851
McAfee: GenericRXDZ-EC!7F1B6809E22A
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0051d3451 )
BitDefender: Gen:Variant.Barys.54851
K7GW: Trojan ( 0051d3451 )
Cybereason: malicious.9e22a7
Cyren: W32/S-d2c789ae!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Ransomware.Fugrafa-9779211-0
Kaspersky: Trojan-Ransom.Win32.Foreign.nsgh
Alibaba: Ransom:Win32/Foreign.e6fd3c2d
NANO-Antivirus: Trojan.Win32.Zbot.evgtoo
AegisLab: Trojan.Win32.Generic.4!c
Rising: Ransom.Foreign!8.292 (CLOUD)
Ad-Aware: Gen:Variant.Barys.54851
Emsisoft: Gen:Variant.Barys.54851 (B)
Comodo: Malware@#1do7mi21plnlg
F-Secure: Heuristic.HEUR/AGEN.1112598
DrWeb: Trojan.PWS.Panda.10359
Zillya: Trojan.Kryptik.Win32.1600011
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.fc
FireEye: Generic.mg.7f1b6809e22a7798
Sophos: ML/PE-A + Mal/Ransom-EE
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1112598
MAX: malware (ai score=96)
Antiy-AVL: Trojan[Spy]/Win32.Zbot
Microsoft: PWS:Win32/Zbot
Arcabit: Trojan.Barys.DD643
ZoneAlarm: Trojan-Ransom.Win32.Foreign.nsgh
GData: Gen:Variant.Barys.54851
Cynet: Malicious (score: 100)
BitDefenderTheta: Gen:NN.ZexaF.34590.vu1@aO0NQopi
ALYac: Gen:Variant.Barys.54851
VBA32: Trojan-Ransom.Foreign
Malwarebytes: Malware.AI.2097683613
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Kryptik.EYUK
Tencent: Malware.Win32.Gencirc.114951f5
Yandex: Trojan.Foreign!slvMV7XKPeo
Ikarus: Trojan-Ransom.Foreign
eGambit: Unsafe.AI_Score_98%
Fortinet: W32/Kryptik.FCAB!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: Win32/Trojan.Zbot.HwUBQI8A

How to remove Barys.54851?

Barys.54851 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.