Barys.85692 (B) removal tips

Barys.85692 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Barys.85692 (B) virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid

How to identify Barys.85692 (B)?

File Info:

name: 8928CF8A62379901DA53.mlw
path: /opt/CAPEv2/storage/binaries/bbe6f828f5908da1637d0ae4a71da836b14dc4fe66f7f59589db095705ca13bd
crc32: 1EC02CF1
md5: 8928cf8a62379901da532682a4b72c06
sha1: c4039c19ef0d5ffc73d01178365d6b0002891665
sha256: bbe6f828f5908da1637d0ae4a71da836b14dc4fe66f7f59589db095705ca13bd
sha512: ff19fea89af060335c320866956bbfa502ffb7f6bb5941d27e8c0a6fb9b13b78bbf06d6138e793725aa844c0c4cdbd2bdb3bc3d9b7be18d3afe08d25a683fab0
ssdeep: 6144:mpnhG1nB3AHuwF5J+mfxWzdQQbKRHSAUrvTlggJ+/qDQwi:mpnh4Bg5pfAzdZbKRS9zhJ+i0w
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1383412A5F9CA4C30F9FD58F444CDDFB462DBEA84E83E421A865C6326EE52F0456640B3
sha3_384: a64d2ebad006a33e559a19ea30908f3f91203f5b165c47c8fd723d8764add8d8e7a1e43a3cb2d9cb23970fc6cdd1f7fb
ep_bytes: 60be00a091008dbe0070a3ffc787d4f4
timestamp: 2019-05-25 22:12:17

Version Info:

Comments:
CompanyName: SOACS
FileDescription: SOACS Main Application
FileVersion: 1, 1, 1, 1
InternalName: SOACS Main Application
LegalCopyright: Copyright © 2019. SOACS
LegalTrademarks:
OriginalFilename: KnightOnline.exe
PrivateBuild:
ProductName: SOACS Main Application
ProductVersion: 1, 1, 1, 1
SpecialBuild:
Translation: 0x0000 0x04b0

Barys.85692 (B) is also known as (vendor: detection name):

Lionic: Trojan.Win32.Barys.4!c
MicroWorld-eScan: Gen:Variant.Barys.85692
FireEye: Gen:Variant.Barys.85692
ALYac: Gen:Variant.Barys.85692
Cybereason: malicious.a62379
BitDefenderTheta: Gen:NN.ZexaF.34084.omKfaawj6lni
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
BitDefender: Gen:Variant.Barys.85692
Avast: Win32:Malware-gen
Ad-Aware: Gen:Variant.Barys.85692
Comodo: Packed.Win32.MUPX.Gen@24tbus
McAfee-GW-Edition: BehavesLike.Win32.Packed.dc
Emsisoft: Gen:Variant.Barys.85692 (B)
GData: Gen:Variant.Barys.85692
MAX: malware (ai score=87)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
McAfee: RDN/Generic.dx
Malwarebytes: Malware.AI.1805916547
TrendMicro-HouseCall: TROJ_GEN.R002H09L621
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen

How to remove Barys.85692 (B)?

Barys.85692 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.