
What is “Brresmon.102 (B)”?


Brresmon.102 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Brresmon.102 (B) virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Unconventional language used in binary resources: Danish
  • The binary likely contains encrypted or compressed data.
  • Detects Sandboxie through the presence of a library
  • Deletes its original binary from disk
  • Attempts to remove evidence of file being downloaded from the Internet
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • A system process is generating network traffic likely as a result of process injection
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization
  • Creates a copy of itself

How to identify Brresmon.102 (B)?

File Info:

crc32: 2926A6DD
md5: 2c30137c6074c46af44a83e898e9d1d0
name: 2C30137C6074C46AF44A83E898E9D1D0.mlw
sha1: ef32150af19c8e33354776edc213fcd8b37a7b7e
sha256: 7d75d6f9143f7eedd52f64190c6b21929d422c211d0a56860687a742b76fa242
sha512: 284e22aac2d57e880d8efc786a1464f01c9beee6f219a4b23888066eb0a4ce41acb0b5ee4c6b0a3ac3e4c6c2dc1c74a1b9e908a88e87d7fd2187249f1d83ebd7
ssdeep: 3072:R0CYqtYtI5P6ML9ufLcA94a+YrHBNiNvtCqBKH75NW1g1ZE0psbabDIblouPWyn:R0CJtR1L9ujLlkvJa5Bsk240RU
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Brresmon.102 (B) also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005360491 )
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Stealer.23946
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.Chapak.ZZ5
ALYac: Gen:Variant.Brresmon.102
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.1447744
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Trojan:Win32/Predator.4fbf897d
K7GW: Trojan ( 005360491 )
Cybereason: malicious.c6074c
Cyren: W32/S-23c0ca56!Eldorado
ESET-NOD32: a variant of Win32/Kryptik.GIHB
APEX: Malicious
Avast: FileRepMalware
ClamAV: Win.Packer.Crypter-6539596-1
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Brresmon.102
NANO-Antivirus: Trojan.Win32.Chapak.ferepb
MicroWorld-eScan: Gen:Variant.Brresmon.102
Tencent: Malware.Win32.Gencirc.10b62de1
Ad-Aware: Gen:Variant.Brresmon.102
Sophos: ML/PE-A + Mal/GandCrab-B
Comodo: TrojWare.Win32.Chapak.GI@7q43kg
BitDefenderTheta: Gen:NN.ZexaF.34628.ruW@aix9jvgG
TrendMicro: Ransom_GANDCRAB.SMALY-3
McAfee-GW-Edition: BehavesLike.Win32.Generic.dc
FireEye: Generic.mg.2c30137c6074c46a
Emsisoft: Gen:Variant.Brresmon.102 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.PSW.Coins.vp
Avira: HEUR/AGEN.1106539
eGambit: Unsafe.AI_Score_99%
Microsoft: Trojan:Win32/Predator.PVD!MTB
Arcabit: Trojan.Brresmon.102
AegisLab: Trojan.Win32.Generic.4!c
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Win32.Trojan-Ransom.GandCrab.N
AhnLab-V3: Win-Trojan/Gandcrab02.Exp
Acronis: suspicious
McAfee: GenericRXGG-UT!2C30137C6074
MAX: malware (ai score=100)
VBA32: BScope.TrojanBanker.NeutrinoPOS
Malwarebytes: Trojan.MalPack
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Ransom_GANDCRAB.SMALY-3
Rising: Backdoor.Mokes!8.619 (C64:YzY0OpKGEJzbyEHd)
Yandex: Trojan.GenAsa!5pM3qZf7KyY
Ikarus: Trojan.Win32.Predator
MaxSecure: Ransomeware.CRAB.gen
Fortinet: W32/GenKryptik.CNAR!tr
AVG: FileRepMalware
Paloalto: generic.ml
Qihoo-360: Win32/Backdoor.Predator.HwoCEpsA

How to remove Brresmon.102 (B)?

Brresmon.102 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Apply “Move to quarantine” to all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
