Generic.MSIL.Bladabindi.0FE0EE4F (file analysis)

Generic.MSIL.Bladabindi.0FE0EE4F is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.Bladabindi.0FE0EE4F virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Uses Windows utilities for basic functionality
  • CAPE detected the njRat malware family
  • Creates known Njrat/Bladabindi RAT registry keys

How to identify Generic.MSIL.Bladabindi.0FE0EE4F?

File Info:

name: F36915D71B3AEFB057B4.mlw
path: /opt/CAPEv2/storage/binaries/fd76f213b8ad92e35638e5911d2eecbed87d2473b22053f5e2659a939d3d68c5
crc32: 6D5D01C1
md5: f36915d71b3aefb057b494b6c52c573c
sha1: 47b8c860fa725baae5acc68b5f6969dd90a42939
sha256: fd76f213b8ad92e35638e5911d2eecbed87d2473b22053f5e2659a939d3d68c5
sha512: 64c6f28549d81b88fb38fcee865d3b21349d601bd0af7ae593ea2b4dfeb95ec6edf13d43844279d4bc852980ae63ebd6a2918a5e2b13c7a70da022f6a275a9f2
ssdeep: 384:SmOs0IiejvCVLO309QmykrtG+dA+VfwvOSiKrAF+rMRTyN/0L+EcoinblneHQM3J:8FdGdkrgYRwWS9rM+rMRa8NuHyt
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11D032A4D7FE181A8C4FD067B05B2D41207BAE04B6A23DD0E8EE564EA37636C58B54AF1
sha3_384: f8c5c50a33065ef1c0d8d4f8a9a641fcbf7688624db673a24215185f2ee450c689e7a09b3f6fc3ca582cdfd8acd4ef4c
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-08-28 15:20:22

Version Info:

0: [No Data]

Generic.MSIL.Bladabindi.0FE0EE4F also known as:

Bkav: W32.AIDetectNet.01
Elastic: Windows.Trojan.Njrat
Cynet: Malicious (score: 100)
FireEye: Generic.mg.f36915d71b3aefb0
CAT-QuickHeal: Backdoor.Bladabindi.B3
McAfee: Trojan-FIGN
Malwarebytes: Backdoor.NJRat
VIPRE: Generic.MSIL.Bladabindi.0FE0EE4F
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 700000121 )
K7AntiVirus: Trojan ( 700000121 )
Baidu: MSIL.Backdoor.Bladabindi.a
VirIT: Trojan.Win32.DownLoader21.BPQW
Cyren: W32/MSIL_Troj.AP.gen!Eldorado
Symantec: Backdoor.Ratenjay!gen3
ESET-NOD32: a variant of MSIL/Bladabindi.AR
APEX: Malicious
ClamAV: Win.Packed.Bladabindi-7994427-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Generic.MSIL.Bladabindi.0FE0EE4F
NANO-Antivirus: Trojan.Win32.Autoruner2.ebrjyu
ViRobot: Backdoor.Win32.Agent.37888.AL
MicroWorld-eScan: Generic.MSIL.Bladabindi.0FE0EE4F
Avast: MSIL:Bladabindi-JK [Trj]
Tencent: Trojan.Msil.Bladabindi.fa
Ad-Aware: Generic.MSIL.Bladabindi.0FE0EE4F
TACHYON: Backdoor/W32.DN-NjRat.37888.AA
Emsisoft: Worm.Bladabindi (A)
Comodo: TrojWare.MSIL.Spy.Agent.CP@4pqytu
DrWeb: Trojan.MulDrop6.43244
Zillya: Trojan.Bladabindi.Win32.72266
TrendMicro: BKDR_BLADABI.SMC
McAfee-GW-Edition: BehavesLike.Win32.Generic.nm
Trapmine: malicious.moderate.ml.score
Sophos: ML/PE-A + Troj/Bbindi-W
Ikarus: Trojan.MSIL.Bladabindi
GData: MSIL.Trojan-Spy.Bladabindi.BQ
Jiangmin: TrojanDropper.Autoit.dce
Avira: TR/ATRAPS.Gen
Antiy-AVL: Trojan/Generic.ASBOL.A8F4
Arcabit: Generic.MSIL.Bladabindi.0FE0EE4F
Microsoft: Backdoor:MSIL/Bladabindi.B
Google: Detected
AhnLab-V3: Trojan/Win32.Korat.R207428
Acronis: suspicious
ALYac: Generic.MSIL.Bladabindi.0FE0EE4F
MAX: malware (ai score=87)
Cylance: Unsafe
Rising: Backdoor.njRAT!1.9E49 (CLASSIC)
Yandex: Trojan.AvsMofer.dd6520
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Bladabindi.AS!tr
BitDefenderTheta: Gen:NN.ZemsilF.34606.cmW@aKkBVwl
AVG: MSIL:Bladabindi-JK [Trj]
Cybereason: malicious.71b3ae
Panda: Trj/GdSda.A

How to remove Generic.MSIL.Bladabindi.0FE0EE4F?

Generic.MSIL.Bladabindi.0FE0EE4F removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
