Barys.71138 removal

Barys.71138 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Barys.71138 virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Barys.71138?


File Info:

name: F9F752C35FB896585685.mlw
path: /opt/CAPEv2/storage/binaries/49bf1c988db778d420a7a22683d82c7435da5d5292c0be42e555edb21814d8b1
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
timestamp: 2023-12-27 18:05:22

Version Info:

0: [No Data]

Barys.71138 also known as:

Lionic: Trojan.Win32.Generic.4!c
MicroWorld-eScan: Gen:Variant.Barys.71138
FireEye: Gen:Variant.Barys.71138
Skyhigh: BehavesLike.Win32.BadFile.pc
McAfee: Artemis!F9F752C35FB8
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (W)
Arcabit: Trojan.Barys.D115E2
Cynet: Malicious (score: 100)
APEX: Malicious
BitDefender: Gen:Variant.Barys.71138
Emsisoft: Gen:Variant.Barys.71138 (B)
VIPRE: Gen:Variant.Barys.71138
Antiy-AVL: Trojan/Win32.Agent
GData: Gen:Variant.Barys.71138
ALYac: Gen:Variant.Barys.71138
MAX: malware (ai score=84)
TrendMicro-HouseCall: TROJ_GEN.R002H09BE24
Rising: Trojan.ShellCodeRunner!1.F1A9 (CLOUD)
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/PossibleThreat

How to remove Barys.71138?

Barys.71138 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
