Categories: Malware

What is “Generic.MSIL.Bladabindi.64DA03BE”?

The Generic.MSIL.Bladabindi.64DA03BE is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Generic.MSIL.Bladabindi.64DA03BE virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous .NET characteristics
Uses Windows utilities for basic functionality
CAPE detected the Njrat malware family
Creates known Njrat/Bladabindi RAT registry keys

How to determine Generic.MSIL.Bladabindi.64DA03BE?


File Info:
name: B9E01BB856C0B895A3E9.mlwpath: /opt/CAPEv2/storage/binaries/8253902bc9515768ffaf3255744f5c4669486975f217644380c4db52bb855cf0crc32: 619A3733md5: b9e01bb856c0b895a3e93e9697a8f71csha1: f038f192a0f68d2603a276b5156cb627ab5a294dsha256: 8253902bc9515768ffaf3255744f5c4669486975f217644380c4db52bb855cf0sha512: b91ca724592b45214301ca01de19e270c51731aff7a1c8d12c5f2bf466c67b08870fdb5f0a15b0b2bdf7975ed32b106ce1f8e7ee29d3287ee59b45b4dc86c3b1ssdeep: 768:wj3EDBZhjzOzx5+Rqa7xu56/vAhitinvMJQmIDUu0tiUcj:/D6MuCAhit6EQVk0jtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T17CE22BADFBEA4466D1BC0AB50571950013B4D103E523F77E4ECB28A62B6B7D84B84DF2sha3_384: 6f8ce0e4a012dad0871e55e062c8d00105961465468320920cf7c624990fba19628129a38af17ea62bbc7a21fb0eafa4ep_bytes: ff250020400000000000000000000000timestamp: 2022-11-26 15:19:18
Version Info:
0: [No Data]

Generic.MSIL.Bladabindi.64DA03BE also known as:

Bkav	W32.HarMinerLL.Trojan
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.GenericFC.S20328680
ALYac	Generic.MSIL.Bladabindi.64DA03BE
Cylance	Unsafe
Zillya	Trojan.Bladabindi.Win32.99364
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 700000121 )
K7GW	Trojan ( 700000121 )
Cybereason	malicious.856c0b
Baidu	MSIL.Backdoor.Bladabindi.a
VirIT	Trojan.Win32.Dnldr25.DDDI
Cyren	W32/MSIL_Bladabindi.A.gen!Eldorado
Symantec	MSIL.Trojan!gen2
Elastic	Windows.Trojan.Njrat
ESET-NOD32	a variant of MSIL/Bladabindi.AS
APEX	Malicious
ClamAV	Win.Packed.Generic-9795615-0
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Generic.MSIL.Bladabindi.64DA03BE
NANO-Antivirus	Trojan.Win32.Gen8.ecsqgn
MicroWorld-eScan	Generic.MSIL.Bladabindi.64DA03BE
Avast	MSIL:Bladabindi-JK [Trj]
Tencent	Trojan.Msil.Bladabindi.fb
Ad-Aware	Generic.MSIL.Bladabindi.64DA03BE
TACHYON	Backdoor/W32.DN-NjRat.32256
Emsisoft	Generic.MSIL.Bladabindi.64DA03BE (B)
Comodo	Backdoor.MSIL.Bladabindi.BA@7oej5x
F-Secure	Trojan.TR/Dropper.Gen7
DrWeb	BackDoor.Bladabindi.15771
VIPRE	Generic.MSIL.Bladabindi.64DA03BE
TrendMicro	BKDR_BLADABI.SMC
McAfee-GW-Edition	BehavesLike.Win32.Trojan.nm
Trapmine	malicious.high.ml.score
FireEye	Generic.mg.b9e01bb856c0b895
Sophos	ML/PE-A + Mal/Bladabi-D
SentinelOne	Static AI – Malicious PE
Jiangmin	TrojanDropper.Autoit.dce
Avira	TR/Dropper.Gen7
Antiy-AVL	Trojan[Backdoor]/MSIL.Bladabindi.as
Microsoft	Backdoor:MSIL/Bladabindi
Arcabit	Generic.MSIL.Bladabindi.64DA03BE
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	MSIL.Trojan-Spy.Bladabindi.BQ
Google	Detected
AhnLab-V3	Trojan/Win32.Bladabindi.R130484
Acronis	suspicious
McAfee	BackDoor-NJRat!B9E01BB856C0
MAX	malware (ai score=80)
VBA32	Trojan.MSIL.Bladabindi.Heur
Malwarebytes	Bladabindi.Backdoor.Bot.DDS
Zoner	Trojan.Win32.85838
Rising	Backdoor.njRAT!1.9E49 (CLASSIC)
Yandex	Trojan.Agent!jISPnTyNia0
Ikarus	Trojan.MSIL.Bladabindi
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.LI!tr
BitDefenderTheta	Gen:NN.ZemsilF.34796.bmW@aescENe
AVG	MSIL:Bladabindi-JK [Trj]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_100% (D)