What is “Generic.MSIL.Bladabindi.958CB55C”?

Generic.MSIL.Bladabindi.958CB55C is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.Bladabindi.958CB55C virus do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Sniffs keystrokes
  • Creates a copy of itself

Related domains:

4.tcp.ngrok.io

How to identify Generic.MSIL.Bladabindi.958CB55C?


File Info:

crc32: 74227ACC
md5: a4b89da90c002a6cb2753c9eaa2655de
name: A4B89DA90C002A6CB2753C9EAA2655DE.mlw
sha1: 11e80ffcc3bb1d9711aa46a6c0b9d21567a3e44a
sha256: 917ef72731455e80e3d49b198924d5810e539984bb6c6dbd238d518ed284d8c5
sha512: 421e0dd6660aeed60c6a5eea58bf5c4cfd6cebbdc4d9abca2d8a335bf3ba68afe7121eef45dec7a5bd46354a19cc815eb562337833e460c027c08e85887764dd
ssdeep: 768:vPwoqkZlH/azx1+ta+q3U97v8+QmIDUu0ti3Kj:i4qSp7QVkXj
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

0: [No Data]

Generic.MSIL.Bladabindi.958CB55C also known as:

K7AntiVirus: Trojan ( 700000121 )
Elastic: malicious (high confidence)
DrWeb: BackDoor.Bladabindi.15771
Cynet: Malicious (score: 100)
CAT-QuickHeal: PUA.GenericFC.S6052795
McAfee: BackDoor-NJRat!A4B89DA90C00
Cylance: Unsafe
Zillya: Trojan.Bladabindi.Win32.99141
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:MSIL/Bladabindi.50d2d13d
K7GW: Trojan ( 700000121 )
Cybereason: malicious.90c002
Baidu: MSIL.Backdoor.Bladabindi.a
Cyren: W32/MSIL_Bladabindi.A.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Bladabindi.AS
Zoner: Trojan.Win32.85838
APEX: Malicious
Avast: MSIL:Bladabindi-JK [Trj]
ClamAV: Win.Trojan.B-468
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Generic.MSIL.Bladabindi.958CB55C
NANO-Antivirus: Trojan.Win32.Gen8.ecsqgn
MicroWorld-eScan: Generic.MSIL.Bladabindi.958CB55C
Tencent: Win32.Trojan.Generic.Lnee
Ad-Aware: Generic.MSIL.Bladabindi.958CB55C
Sophos: ML/PE-A + Mal/Bladabi-D
Comodo: Backdoor.MSIL.Bladabindi.BA@7oej5x
BitDefenderTheta: Gen:NN.ZemsilF.34688.bmW@aeS8VZl
VIPRE: Backdoor.MSIL.Bladabindi.a (v)
TrendMicro: BKDR_BLADABI.SMC
McAfee-GW-Edition: BehavesLike.Win32.BackdoorNJRat.nm
FireEye: Generic.mg.a4b89da90c002a6c
Emsisoft: Generic.MSIL.Bladabindi.958CB55C (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Refroso.dep
Avira: TR/Dropper.Gen7
eGambit: Unsafe.AI_Score_100%
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Backdoor:MSIL/Bladabindi
AegisLab: Trojan.Win32.Generic.lA1H
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: MSIL.Trojan-Spy.Bladabindi.BQ
TACHYON: Backdoor/W32.DN-NjRat.32256
AhnLab-V3: Trojan/Win32.Bladabindi.R130484
Acronis: suspicious
VBA32: Trojan.Downloader
MAX: malware (ai score=80)
Malwarebytes: Generic.Trojan.Malicious.DDS
Panda: Trj/GdSda.A
TrendMicro-HouseCall: BKDR_BLADABI.SMC
Rising: Backdoor.Njrat!1.9E49 (CLOUD)
Yandex: Trojan.AvsMofer.dd6520
Ikarus: Trojan.MSIL.Bladabindi
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.LI!tr
AVG: MSIL:Bladabindi-JK [Trj]
Paloalto: generic.ml

How to remove Generic.MSIL.Bladabindi.958CB55C?

Generic.MSIL.Bladabindi.958CB55C removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
