
How to remove “Generic.MSIL.Bladabindi.0B132D76”?


Generic.MSIL.Bladabindi.0B132D76 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Generic.MSIL.Bladabindi.0B132D76 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Uses Windows utilities for basic functionality
  • CAPE detected the njRat malware family
  • Creates a copy of itself
  • Creates known Njrat/Bladabindi RAT registry keys

How to identify Generic.MSIL.Bladabindi.0B132D76?


File Info:

name: 0044E558017BFE719DDD.mlw
path: /opt/CAPEv2/storage/binaries/c8f11b7723e1f0c269c6db05595ba0496055a30c7e917ece6439a6a64c3a4ce6
crc32: 543487D7
md5: 0044e558017bfe719ddd0b2174493d51
sha1: 077d16dddfc1aff8c69a78b6842c5a94e7b86c29
sha256: c8f11b7723e1f0c269c6db05595ba0496055a30c7e917ece6439a6a64c3a4ce6
sha512: d7cfbd6d3c3f186f572c95fa0bdde68a6d10d775c9837965adb229f53e6f57e4d96c468e006a6f9414f293ef230c7e6fe19e47a1436edd8f79507effcf641ec5
ssdeep: 384:oMKyOkBkRbohza8yuTUt7u06zgV4a5pzomRvR6JZlbw8hqIusZzZ4Ay://YI1T0Rpcnur
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C8B22A4E3FA9C8A6C4BC177486A5965003B091870453EE2FCCC560DBAFB3AD91D4CAF9
sha3_384: 610b0dda2ec27414025d7392007419e233032b8d31c40b0a70710b074d6c9875c9a655832b1065bc707907383d58c1ef
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-08-27 18:42:45

Version Info:

0: [No Data]

Generic.MSIL.Bladabindi.0B132D76 is also known as:

Bkav: W32.AIDetectNet.01
MicroWorld-eScan: Generic.MSIL.Bladabindi.0B132D76
FireEye: Generic.mg.0044e558017bfe71
CAT-QuickHeal: Trojan.Generic.TRFH5
ALYac: Generic.MSIL.Bladabindi.0B132D76
Cylance: Unsafe
Zillya: Trojan.Disfa.Win32.11021
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 700000121 )
K7GW: Trojan ( 700000121 )
Cybereason: malicious.8017bf
BitDefenderTheta: Gen:NN.ZemsilF.34606.bmW@a8RUxHf
VirIT: Backdoor.Win32.Generic.AWM
Cyren: W32/MSIL_Bladabindi.AU.gen!Eldorado
Symantec: Backdoor.Ratenjay
Elastic: Windows.Trojan.Njrat
ESET-NOD32: a variant of MSIL/Bladabindi.AS
Baidu: MSIL.Backdoor.Bladabindi.a
TrendMicro-HouseCall: BKDR_BLBINDI.SMN
ClamAV: Win.Packed.Generic-9795615-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Generic.MSIL.Bladabindi.0B132D76
NANO-Antivirus: Trojan.Win32.Disfa.dzszil
Cynet: Malicious (score: 100)
Avast: MSIL:Bladabindi-JK [Trj]
Tencent: Trojan.Msil.Bladabindi.za
Ad-Aware: Generic.MSIL.Bladabindi.0B132D76
Emsisoft: Trojan.Bladabindi (A)
Comodo: Backdoor.MSIL.Bladabindi.A@566ygc
DrWeb: BackDoor.Bladabindi.13678
VIPRE: Generic.MSIL.Bladabindi.0B132D76
TrendMicro: BKDR_BLADABI.SMC
McAfee-GW-Edition: BehavesLike.Win32.Trojan.mm
SentinelOne: Static AI – Malicious PE
Trapmine: malicious.moderate.ml.score
Sophos: ML/PE-A + Troj/DotNet-P
APEX: Malicious
GData: MSIL.Backdoor.Bladabindi.AV
Jiangmin: TrojanDropper.Autoit.dce
Webroot: W32.Trojan.Gen
Avira: TR/Dropper.Gen7
Antiy-AVL: Trojan/Generic.ASBOL.A8F4
ViRobot: Backdoor.Win32.Bladabindi.Gen.A
ZoneAlarm: HEUR:Trojan-Spy.MSIL.KeyLogger.gen
Microsoft: Backdoor:MSIL/Bladabindi
Google: Detected
AhnLab-V3: Backdoor/Win32.Bladabindi.R91438
Acronis: suspicious
McAfee: Trojan-FJXA
MAX: malware (ai score=86)
VBA32: TScope.Trojan.MSIL
Malwarebytes: Backdoor.NJRat
Rising: Backdoor.njRAT!1.9E49 (CLASSIC)
Yandex: Trojan.Agent!7MNHEHcVmEM
Ikarus: Trojan.MSIL.Bladabindi
MaxSecure: Trojan.Malware.300983.susgen
AVG: MSIL:Bladabindi-JK [Trj]
Panda: Trj/CI.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Generic.MSIL.Bladabindi.0B132D76?

Generic.MSIL.Bladabindi.0B132D76 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
