Generic.MSIL.Bladabindi.6C3605F2 information

Generic.MSIL.Bladabindi.6C3605F2 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.Bladabindi.6C3605F2 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Uses Windows utilities for basic functionality
  • CAPE detected the njRat malware family
  • Creates a copy of itself
  • Creates known Njrat/Bladabindi RAT registry keys

How to identify Generic.MSIL.Bladabindi.6C3605F2?


File Info:

name: 36721EE9F55A0F3C32F1.mlw
path: /opt/CAPEv2/storage/binaries/b0b582a73a5b416afaeebde5e68a3c389cd11a032efb0f699d834d95d9a534ca
crc32: 2C8FA388
md5: 36721ee9f55a0f3c32f189572380d35f
sha1: e49476d7adfe0fd541b01664f74b119f490ea671
sha256: b0b582a73a5b416afaeebde5e68a3c389cd11a032efb0f699d834d95d9a534ca
sha512: 92846c6a40d47f08020744c8cced4110f6e74f0278a622d8683f09886f2b80ba5f63131674dc5285a0f5eb0688b407e1a53c6e46ce14537ae13f1c3f2136e088
ssdeep: 768:8bG5TP1/plIzxTCfVYAvN1Zvy/QmIDUu0tiiTj:Lb1ay/YQVk1j
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T124E20BADFBE64466D2BD0AB50571950013B4E103E523F77E4ECA34962B6B6C84B88DF2
sha3_384: aac2dcfe32f104dd801d08393b426f06f063f3dc33d81a456899e1a0b61ed75a7300fff92edd633851c7710676c342fa
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-10-21 23:50:49

Version Info:

0: [No Data]

Generic.MSIL.Bladabindi.6C3605F2 also known as:

Bkav: W32.HarMinerLL.Trojan
MicroWorld-eScan: Generic.MSIL.Bladabindi.6C3605F2
ClamAV: Win.Packed.Generic-9795615-0
CAT-QuickHeal: Trojan.GenericFC.S20328680
ALYac: Generic.MSIL.Bladabindi.6C3605F2
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 700000121 )
K7GW: Trojan ( 700000121 )
Cybereason: malicious.9f55a0
Baidu: MSIL.Backdoor.Bladabindi.a
VirIT: Trojan.Win32.Dnldr25.DDDI
Cyren: W32/MSIL_Bladabindi.A.gen!Eldorado
Symantec: MSIL.Trojan!gen2
Elastic: Windows.Trojan.Njrat
ESET-NOD32: a variant of MSIL/Bladabindi.AS
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Generic.MSIL.Bladabindi.6C3605F2
NANO-Antivirus: Trojan.Win32.Gen8.ecsqgn
Avast: MSIL:Bladabindi-JK [Trj]
Tencent: Trojan.Msil.Bladabindi.fb
Ad-Aware: Generic.MSIL.Bladabindi.6C3605F2
TACHYON: Backdoor/W32.DN-NjRat.32256
Sophos: ML/PE-A + Mal/Bladabi-D
Comodo: Backdoor.MSIL.Bladabindi.BA@7oej5x
DrWeb: BackDoor.Bladabindi.15771
VIPRE: Generic.MSIL.Bladabindi.6C3605F2
TrendMicro: BKDR_BLADABI.SMC
McAfee-GW-Edition: BehavesLike.Win32.Trojan.nm
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.36721ee9f55a0f3c
Emsisoft: Generic.MSIL.Bladabindi.6C3605F2 (B)
SentinelOne: Static AI – Malicious PE
GData: MSIL.Trojan-Spy.Bladabindi.BQ
Jiangmin: TrojanDropper.Autoit.dce
Avira: TR/Dropper.Gen7
Antiy-AVL: Trojan/Generic.ASBOL.A8F4
Arcabit: Generic.MSIL.Bladabindi.6C3605F2
Microsoft: Backdoor:MSIL/Bladabindi
Google: Detected
AhnLab-V3: Trojan/Win32.Bladabindi.R130484
Acronis: suspicious
McAfee: BackDoor-NJRat!36721EE9F55A
MAX: malware (ai score=87)
VBA32: Trojan.MSIL.Bladabindi.Heur
Malwarebytes: Generic.Trojan.Malicious.DDS
Rising: Backdoor.njRAT!1.9E49 (CLASSIC)
Yandex: Trojan.AvsMofer.dd6520
Ikarus: Trojan.MSIL.Bladabindi
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.LI!tr
BitDefenderTheta: Gen:NN.ZemsilF.34726.bmW@a0p2qCl
AVG: MSIL:Bladabindi-JK [Trj]
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Generic.MSIL.Bladabindi.6C3605F2?

Generic.MSIL.Bladabindi.6C3605F2 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
