Generic.MSIL.Bladabindi.96D379A2 information

Generic.MSIL.Bladabindi.96D379A2 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.Bladabindi.96D379A2 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Uses Windows utilities for basic functionality
  • CAPE detected the njRat malware family
  • Creates a copy of itself
  • Creates known Njrat/Bladabindi RAT registry keys

How to identify Generic.MSIL.Bladabindi.96D379A2?


File Info:

name: 304915EC0C079B6C9A1A.mlw
path: /opt/CAPEv2/storage/binaries/fca5ec8d6b3a3db5f3a02046528b2109a4c14cc102aa810d6217c18188940076
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-08-29 21:26:15

Version Info:

0: [No Data]

Generic.MSIL.Bladabindi.96D379A2 also known as:

Bkav: W32.FamVT.binANHb.Worm
Elastic: Windows.Trojan.Njrat
MicroWorld-eScan: Generic.MSIL.Bladabindi.96D379A2
ClamAV: Win.Packed.Generic-9795615-0
FireEye: Generic.mg.304915ec0c079b6c
CAT-QuickHeal: Trojan.Generic.TRFH5
McAfee: Trojan-FIGN
Cylance: Unsafe
VIPRE: Generic.MSIL.Bladabindi.96D379A2
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 700000121 )
K7GW: Trojan ( 700000121 )
CrowdStrike: win/malicious_confidence_100% (D)
Baidu: MSIL.Backdoor.Bladabindi.a
VirIT: Backdoor.Win32.Generic.AWM
Cyren: W32/MSIL_Bladabindi.AU.gen!Eldorado
Symantec: Backdoor.Ratenjay
ESET-NOD32: MSIL/Bladabindi.BC
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Generic.MSIL.Bladabindi.96D379A2
NANO-Antivirus: Trojan.Win32.Disfa.dtznyx
Avast: MSIL:Agent-DRD [Trj]
Tencent: Trojan.Msil.Bladabindi.za
Ad-Aware: Generic.MSIL.Bladabindi.96D379A2
Emsisoft: Trojan.Bladabindi (A)
Comodo: Backdoor.MSIL.Bladabindi.A@566ygc
DrWeb: BackDoor.Bladabindi.13678
Zillya: Trojan.Disfa.Win32.27264
TrendMicro: BKDR_BLADABI.SMC
McAfee-GW-Edition: BehavesLike.Win32.Trojan.mm
Trapmine: malicious.moderate.ml.score
Sophos: ML/PE-A + Troj/DotNet-P
SentinelOne: Static AI – Malicious PE
GData: MSIL.Backdoor.Bladabindi.AV
Jiangmin: TrojanDropper.Autoit.dce
Avira: TR/Dropper.Gen7
MAX: malware (ai score=83)
Antiy-AVL: Trojan/Generic.ASBOL.A8F4
Arcabit: Generic.MSIL.Bladabindi.96D379A2
ViRobot: Backdoor.Win32.Bladabindi.Gen.A
Microsoft: Backdoor:MSIL/Bladabindi
Google: Detected
AhnLab-V3: Win-Trojan/Zbot.24064
Acronis: suspicious
ALYac: Generic.MSIL.Bladabindi.96D379A2
Malwarebytes: Bladabindi.Backdoor.Njrat.DDS
TrendMicro-HouseCall: BKDR_BLADABI.SMI
Rising: Backdoor.njRAT!1.9E49 (CLASSIC)
Yandex: Trojan.Agent!34eqAOou6ck
Ikarus: Trojan.MSIL.Bladabindi
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZemsilF.34606.bmW@aq2Q!og
AVG: MSIL:Agent-DRD [Trj]
Cybereason: malicious.c0c079
Panda: Generic Malware

How to remove Generic.MSIL.Bladabindi.96D379A2?

Generic.MSIL.Bladabindi.96D379A2 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
