Generic.Malware.Bk!dld!g.72BD2020 information

Malware Removal

Generic.Malware.Bk!dld!g.72BD2020 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.Malware.Bk!dld!g.72BD2020 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique time)
  • Creates RWX memory
  • Drops a binary and executes it
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • The binary likely contains encrypted or compressed data.
  • Deletes its original binary from disk
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Generic.Malware.Bk!dld!g.72BD2020?

File Info:

crc32: 05801CEB
md5: 028f9e23f109bc9578de0f17f2b50afb
name: 028F9E23F109BC9578DE0F17F2B50AFB.mlw
sha1: 095a53369e534d71835072fddf956b42e5e62509
sha256: 3766c74912274645a4a4b109c79247d6575048cf74b96c6900ed9f4056926b81
sha512: 59391154c4d44e0e33cf24f59b206cfd7438a96fdb73310ec4a7589ab864af51ecad5de330e5e348798d0536a93c1710a13673fc624c9b79c5fd398fc40bc121
ssdeep: 6144:IOpADrJTmWMeE74uW+wczQm5tWDR/qYu9wAjOu:IOSPIWMeVxKzhtWDpxwB
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

FileVersion: 1.2.3.10
CompanyName: 凤凰工作室
Comments: 灰鸽子远程管理
ProductVersion: 1.2.3.0
FileDescription: 凤凰工作室
OriginalFilename: H_Client.exe
Translation: 0x0804 0x03a8

Generic.Malware.Bk!dld!g.72BD2020 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005257651 )
Elastic: malicious (high confidence)
DrWeb: BackDoor.Pigeon.21851
ClamAV: Win.Trojan.Packed-24
McAfee: Artemis!028F9E23F109
Malwarebytes: Trojan.MalPack.NSPack
Zillya: Virus.Hupigon.Win32.5
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:Win32/Hupigon.34f21d42
K7GW: Trojan ( 005257651 )
Cybereason: malicious.3f109b
Baidu: Win32.Trojan.Hupigon.b
Cyren: W32/Hupigon.A.gen!Eldorado
Symantec: Backdoor.Graybird
ESET-NOD32: a variant of Win32/Hupigon.NPI
APEX: Malicious
Avast: Win32:Evo-gen [Susp]
Cynet: Malicious (score: 100)
Kaspersky: Backdoor.Win32.Hupigon.bwk
BitDefender: Generic.Malware.Bk!dld!g.72BD2020
MicroWorld-eScan: Generic.Malware.Bk!dld!g.72BD2020
Tencent: Trojan.Win32.Hupigon.pije
Ad-Aware: Generic.Malware.Bk!dld!g.72BD2020
Sophos: ML/PE-A + Mal/Hupig-H
Comodo: Packed.Win32.MNSP.Gen@2697wr
BitDefenderTheta: AI:Packer.18BC7C111D
VIPRE: Backdoor.Win32.Hupigon (v)
TrendMicro: Mal_HPGN-2
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.dc
FireEye: Generic.mg.028f9e23f109bc95
Emsisoft: Generic.Malware.Bk!dld!g.72BD2020 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Backdoor/Huigezi.2007.bjfb
Avira: BDS/Hupigon.Gen
eGambit: Unsafe.AI_Score_100%
Microsoft: Backdoor:Win32/Hupigon
Gridinsoft: Malware.Win32.Gen.bot!se22135
ZoneAlarm: Packed.Multi.MultiPacked.gen
GData: Generic.Malware.Bk!dld!g.72BD2020
AhnLab-V3: Backdoor/Win32.Hupigon.R839
Acronis: suspicious
VBA32: SScope.Backdoor.Hupigon
MAX: malware (ai score=80)
Panda: Malicious Packer
TrendMicro-HouseCall: Mal_HPGN-2
Rising: Backdoor.Win32.Gpigeon2008.yd (CLASSIC)
Yandex: Trojan.GenAsa!gUCaTdaJnNw
Ikarus: Packer.Win32.PolyCrypt.b
Fortinet: W32/Hupigon.DSK!tr.bdr
AVG: Win32:Evo-gen [Susp]
Paloalto: generic.ml

How to remove Generic.Malware.Bk!dld!g.72BD2020?

Generic.Malware.Bk!dld!g.72BD2020 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.