About “BScope.Trojan.Bayrob” infection

BScope.Trojan.Bayrob is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the BScope.Trojan.Bayrob virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Likely virus infection of existing system binary
  • Creates a copy of itself

How to identify BScope.Trojan.Bayrob?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2015-07-06 11:33:16

Version Info:

0: [No Data]

BScope.Trojan.Bayrob also known as:

Bkav: W32.FamVT.BRTTc.Worm
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Barys.58165
FireEye: Generic.mg.824c6650d546082a
CAT-QuickHeal: TrojanSpy.Nivdort.WR4
McAfee: Trojan-FINB!824C6650D546
Cylance: Unsafe
Zillya: Trojan.SwizzorGen.Win32.1
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0052ecdd1 )
K7GW: Trojan ( 0052ecdd1 )
Cybereason: malicious.0d5460
Baidu: Win32.Trojan.Bayrob.d
Cyren: W32/Nivdort.L.gen!Eldorado
Symantec: Trojan.Bayrob!g12
ESET-NOD32: a variant of Win32/Bayrob.CS
APEX: Malicious
Kaspersky: HEUR:Trojan.Win32.Bayrob.gen
BitDefender: Gen:Variant.Barys.58165
NANO-Antivirus: Trojan.Win32.Bayrob.egmmfj
Avast: FileRepMalware
Tencent: Trojan.Win32.BitCoinMiner.la
Ad-Aware: Gen:Variant.Barys.58165
Sophos: ML/PE-A + Mal/Bayrob-C
DrWeb: Trojan.DownLoader22.49689
VIPRE: Trojan-Downloader.Tibs.gen (v)
TrendMicro: TROJ_BAYROB.SM7
McAfee-GW-Edition: BehavesLike.Win32.Trojan.hh
Emsisoft: Gen:Variant.Barys.58165 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Barys.58165
Jiangmin: Trojan.Bayrob.aklg
Avira: TR/Nivdort.Gen2
MAX: malware (ai score=87)
Antiy-AVL: Trojan/Generic.ASBOL.9F94
Microsoft: TrojanSpy:Win32/Nivdort
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Agent.C1386802
Acronis: suspicious
BitDefenderTheta: AI:Packer.66E4C28A1E
ALYac: Gen:Variant.Barys.58165
VBA32: BScope.Trojan.Bayrob
Malwarebytes: Trojan.Bayrob.Generic
TrendMicro-HouseCall: TROJ_BAYROB.SM7
Rising: Trojan.Generic@ML.100 (RDML:gmu0n0FBQFeInr+akUO0/Q)
Yandex: Trojan.GenAsa!ukjyyoGHyP0
Ikarus: Trojan.Win32.Bayrob
Fortinet: W32/Bayrob.BT!tr
AVG: FileRepMalware
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (D)

How to remove BScope.Trojan.Bayrob?

BScope.Trojan.Bayrob removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
