About “Generic.MSIL.Bladabindi.163802F8” infection

The Generic.MSIL.Bladabindi.163802F8 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.MSIL.Bladabindi.163802F8 virus can do?

Attempts to connect to a dead IP:Port (1 unique times)
Creates RWX memory
Uses Windows utilities for basic functionality
Sniffs keystrokes
Anomalous binary characteristics

How to determine Generic.MSIL.Bladabindi.163802F8?


File Info:
crc32: 6AE9AB3B
md5: abe7f22bdf1119a9179c894212e363ae
name: Server.jpg
sha1: 01f034517347040a0eae39ab504f28efa97bc6d8
sha256: 3e77ccafc4c7470db39c4acc2a75f13397e133ba84edbd640ba97e1d6c06eaf9
sha512: 9d0f88ede8c974115d8b3a9b3040461326e61512892530b8760c1a9e84052809fdd94f8bd6b9ee93ca8aac6a10f44e8ec99a79e4d32ff79567a8072c7692835c
ssdeep: 384:6QeCITxTz/w8nEUeC9UBNM46VgDO61Ba6hRmRvR6JZlbw8hqIusZzZr8:l2brV93RpcnuT
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
0: [No Data]

Generic.MSIL.Bladabindi.163802F8 also known as:

Bkav	W32.HoukecV.Trojan
MicroWorld-eScan	Generic.MSIL.Bladabindi.163802F8
CAT-QuickHeal	Backdoor.Bladabindi.AL3
McAfee	Trojan-FIGN
Malwarebytes	Backdoor.NJRat.Generic
VIPRE	Backdoor.MSIL.Bladabindi.a (v)
K7GW	Trojan ( 700000121 )
K7AntiVirus	Trojan ( 700000121 )
TrendMicro	BKDR_BLADABI.SMC
Baidu	MSIL.Backdoor.Bladabindi.a
F-Prot	W32/MSIL_Bladabindi.AU.gen!Eldorado
Symantec	Backdoor.Ratenjay
TotalDefense	Win32/DotNetDl.A!generic
TrendMicro-HouseCall	BKDR_BLADABI.SMC
Avast	MSIL:Agent-DRD [Trj]
ClamAV	Win.Trojan.B-468
GData	MSIL.Backdoor.Bladabindi.AV
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Generic.MSIL.Bladabindi.163802F8
NANO-Antivirus	Trojan.Win32.Disfa.dtznyx
ViRobot	Backdoor.Win32.Bladabindi.Gen.A
AegisLab	Win.Backdoor.Bladabindi.mBi5
Tencent	Win32.Trojan.Generic.Lqyp
Ad-Aware	Generic.MSIL.Bladabindi.163802F8
Sophos	Troj/DotNet-P
Comodo	Backdoor.MSIL.Bladabindi.A
DrWeb	BackDoor.Bladabindi.13678
Zillya	Trojan.Disfa.Win32.11021
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Trojan.mm
Emsisoft	Generic.MSIL.Bladabindi.163802F8 (B)
Ikarus	Trojan.MSIL.Bladabindi
Cyren	W32/MSIL_Bladabindi.AU.gen!Eldorado
Jiangmin	TrojanDropper.Autoit.dce
Webroot	W32.Malware.Gen
Avira	TR/Dropper.Gen7
Antiy-AVL	Trojan[Backdoor]/MSIL.Bladabindi.as
Kingsoft	Win32.Troj.Undef.(kcloud)
Endgame	malicious (high confidence)
Arcabit	Generic.MSIL.Bladabindi.163802F8
SUPERAntiSpyware	Trojan.Agent/Gen-Bladabindi
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Backdoor:MSIL/Bladabindi
AhnLab-V3	Backdoor/Win32.Bladabindi.R91438
ALYac	Generic.MSIL.Bladabindi.163802F8
AVware	Backdoor.MSIL.Bladabindi.a (v)
MAX	malware (ai score=86)
VBA32	Trojan.MSIL.Disfa
Cylance	Unsafe
ESET-NOD32	a variant of MSIL/Bladabindi.AS
Rising	Backdoor.MSIL.Bladabindi!1.9E49 (CLASSIC)
Yandex	Trojan.Agent!LDFuxSSo+xY
SentinelOne	static engine – malicious
Fortinet	MSIL/Agent.LI!tr
AVG	MSIL:Agent-DRD [Trj]
Cybereason	malicious.bdf111
CrowdStrike	malicious_confidence_100% (D)
Qihoo-360	HEUR/QVM03.0.8D1F.Malware.Gen

How to remove Generic.MSIL.Bladabindi.163802F8?

Generic.MSIL.Bladabindi.163802F8 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X