Should I remove “Generic.Malware.YBd.29164923”?

Generic.Malware.YBd.29164923 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.Malware.YBd.29164923 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Uses Windows utilities for basic functionality
  • Performs HTTP requests potentially not found in PCAP.
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Attempts to modify proxy settings
  • Touches a file containing cookies, possibly for information gathering
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Generic.Malware.YBd.29164923?

File Info:

name: B2411A55D911D0207902.mlw
path: /opt/CAPEv2/storage/binaries/4968890db1fd52bfbfec33cdbed19e3ea7b11d04cab55f38423a006c3f5f3ea7
crc32: ABC286EA
md5: b2411a55d911d0207902b4293df7b2e6
sha1: 4b2fd57e6eb70267ca317bb8f268adc77348307e
sha256: 4968890db1fd52bfbfec33cdbed19e3ea7b11d04cab55f38423a006c3f5f3ea7
sha512: 1c5d61a6d90d2668a907e164dd11dfcc6be05319e0a2e1999d0f2c0bb3b85ffc9fbb4e8f49b9e42677f291263e116c42f09838b4c60a0107a72f36abdb827cb5
ssdeep: 384:X9kDh9yt4o526lE29gZatdNNyByvi6FlZw1pKU:GDhUtbEbZam6/w+
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14862BF9EBD6C645DD120983F03067F00CBA9884597CE87AE2E9AF64B74EEA8D1C91570
sha3_384: 4d814c0c261c860f251e7f8ba54e700365653063b6d41e5067b41ce89faa1729c39d8b9000b1a6ec466271ebeae0acd5
ep_bytes: 60be00e040008dbe0030ffff5783cdff
timestamp: 2008-11-25 01:50:04

Version Info:

0: [No Data]

Generic.Malware.YBd.29164923 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Vilsel.4!c
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Generic.Malware.YBd.29164923
Skyhigh: BehavesLike.Win32.VBObfus.lc
McAfee: Artemis!B2411A55D911
Cylance: unsafe
Zillya: Trojan.Vilsel.Win32.357
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan-Downloader ( 0022ac3e1 )
Alibaba: TrojanDownloader:Win32/Vilsel.25c6205a
K7GW: Trojan-Downloader ( 0022ac3e1 )
BitDefenderTheta: AI:Packer.B7E6B1021E
Symantec: Trojan.Adclicker
ESET-NOD32: a variant of Win32/TrojanDownloader.VB.OVS
Cynet: Malicious (score: 100)
APEX: Malicious
Kaspersky: Trojan.Win32.Vilsel.afk
BitDefender: Generic.Malware.YBd.29164923
NANO-Antivirus: Trojan.Win32.MlwGen.efarfg
Avast: Win32:Evo-gen [Trj]
Tencent: Win32.Trojan.Vilsel.Dnhl
Emsisoft: Generic.Malware.YBd.29164923 (B)
F-Secure: Trojan.TR/Crypt.ZPACK.Gen
DrWeb: Trojan.DownLoader5.1730
VIPRE: Generic.Malware.YBd.29164923
TrendMicro: TROJ_GEN.R002C0OK123
Sophos: Mal/VB-A
SentinelOne: Static AI – Malicious PE
GData: Generic.Malware.YBd.29164923
Jiangmin: Trojan.Vilsel.yr
Varist: W32/VB-Wird-based!Maximus
Avira: TR/Crypt.ZPACK.Gen
Antiy-AVL: Trojan/Win32.AGeneric
Kingsoft: Win32.Trojan.Generic.a
Xcitium: Malware@#5l0rfvpepmtn
Arcabit: Generic.Malware.YBd.D1BD057B
ZoneAlarm: Trojan.Win32.Vilsel.afk
Microsoft: Trojan:Win32/Neop!gmb
Google: Detected
VBA32: TScope.Trojan.VB
Panda: Generic Malware
TrendMicro-HouseCall: TROJ_GEN.R002C0OK123
Rising: Trojan.Win32.Generic.1352FD72 (C64:YzY0OqF6WWz28IHL)
Yandex: Trojan.ZPACK!AaigwaE2JEg
Ikarus: Trojan-Downloader.Win32.VB
MaxSecure: Trojan.Malware.853305.susgen
Fortinet: W32/Generic.AC.3457C9!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Generic.Malware.YBd.29164923?

Generic.Malware.YBd.29164923 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.