
About “BScope.Worm.Vercuser” infection


BScope.Worm.Vercuser is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the BScope.Worm.Vercuser virus do?

  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Executable file is packed/obfuscated with MPRESS
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify BScope.Worm.Vercuser?


File Info:

name: AACF28D9142D8D9E16F9.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-08-02 21:25:23

Version Info:

FileDescription: Paddy for Lightroom
FileVersion: 5, 0, 30513, 0
InternalName: Paddy for Lightroom
LegalCopyright: (c) 2012, Dorfl68@Gmail.com
OriginalFilename:
ProductName: Paddy for Lightroom
ProductVersion: 5, 0, 30513, 0
Translation: 0x0409 0x04b0

BScope.Worm.Vercuser also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
Skyhigh: BehavesLike.Win32.Generic.fc
McAfee: Artemis!AACF28D9142D
K7AntiVirus: Trojan ( 003ea81e1 )
K7GW: Trojan ( 003ea81e1 )
VirIT: Worm.Win32.X-Autorun.BMVM
APEX: Malicious
ClamAV: Win.Trojan.Generic-7473672-0
Rising: Worm.Win32.Vercuser.b (CLOUD)
Sophos: ML/PE-A
DrWeb: Win32.HLLW.Autoruner1.26246
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.aacf28d9142d8d9e
Ikarus: Backdoor.Win32.Vercuser
Jiangmin: Trojan/Genome.cikn
Webroot:
Google: Detected
Antiy-AVL: Trojan/Win32.PossibleThreat
Kingsoft: malware.kb.b.924
Cynet: Malicious (score: 100)
BitDefenderTheta: Gen:NN.ZexaF.36792.tmuaaeY1S2hi
DeepInstinct: MALICIOUS
VBA32: BScope.Worm.Vercuser
Cylance: unsafe
Zoner: Trojan.Win32.78791
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
CrowdStrike: win/malicious_confidence_60% (W)

How to remove BScope.Worm.Vercuser?

BScope.Worm.Vercuser removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
