Generic.MSIL.Bladabindi.9D298473 (B) removal tips

The Generic.MSIL.Bladabindi.9D298473 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.MSIL.Bladabindi.9D298473 (B) virus can do?

CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
CAPE detected the njRat malware family

How to determine Generic.MSIL.Bladabindi.9D298473 (B)?


File Info:
name: 94D3B4A2EFAB7123A64D.mlw
path: /opt/CAPEv2/storage/binaries/bc87091114123db6a56eadffaedad974206a8ff04c0f46d2b729ca7479ebdb94
crc32: 3EAF6E13
md5: 94d3b4a2efab7123a64dfe5cdbcd8dd9
sha1: 0a8c2244476746554b13a3960ac1d33b4a88d5b6
sha256: bc87091114123db6a56eadffaedad974206a8ff04c0f46d2b729ca7479ebdb94
sha512: 1452304e5bd97173f474a86c92a65e6ecc9e366618c438e3714de6dcc7d2bfc8fdaee21c91e4bf1939ce65c225d3ee63cf01c3a5180c72bdfa05881a73c381a3
ssdeep: 3072:SeSE6kylFrGrq3K1vx7KCFxccUKmse0S2vqkGp3D6KN0ZV0sJLf0fo6c:SeR/uT3uvx71D5UKmfqm4
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10D34BF99A7988C16D62C53B5846ADB740371AD9E68B2D71F1CD9BCEF3F733800D8A142
sha3_384: 04bc2c959b1e9cb27bac17d7b466c0cdeacd3a0bde69ce35cfe5066eeec45ba4b6ea1d0923d22a9fef153e3adcee6931
ep_bytes: ff250020400000000000000000000000
timestamp: 2013-11-21 09:16:07

Version Info:
Translation: 0x0000 0x04b0
Comments: jkbhvfgfvctgchdrydcjdxtkbhrdrcfcxdgcgcrc
CompanyName: gjvg ytcfrcrtzdxrszwszjbkedfcgvbhjn
FileDescription: vuyfvutjgfcutfvjyfyjbfcuszdyfbutfdiyhg
FileVersion: 1.3.7.0
InternalName: w.exe
LegalCopyright: estrdytfugvbhujigoid,jcg bnuliyfu6dr7tiu
LegalTrademarks: tfiyjhfdkrcfygt796r75e64srydtfygfcfuohjbvhgcf
OriginalFilename: w.exe
ProductName: jvtzsdftgyids5ruxfjgcvhbgufocyh
ProductVersion: 1.3.7.0
Assembly Version: 1.3.7.0

Generic.MSIL.Bladabindi.9D298473 (B) also known as:

Bkav	W32.AIDetectNet.01
Elastic	malicious (high confidence)
MicroWorld-eScan	Generic.MSIL.Bladabindi.9D298473
CAT-QuickHeal	Backdoor.BladabindFC.S19435743
ALYac	Generic.MSIL.Bladabindi.9D298473
Cylance	Unsafe
VIPRE	Generic.MSIL.Bladabindi.9D298473
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 700000121 )
K7GW	Trojan ( 700000121 )
Cybereason	malicious.2efab7
Baidu	MSIL.Backdoor.Bladabindi.a
VirIT	Trojan.Win32.X-ILSpy.GM
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Bladabindi.AH
Cynet	Malicious (score: 99)
Paloalto	generic.ml
ClamAV	Win.Dropper.Bladabindi-7565286-0
NANO-Antivirus	Trojan.Win32.Autoruner.dbygjv
Ad-Aware	Generic.MSIL.Bladabindi.9D298473
TrendMicro	BKDR_BLADABI.SMC
Trapmine	malicious.high.ml.score
Emsisoft	Generic.MSIL.Bladabindi.9D298473 (B)
APEX	Malicious
Avira	TR/Spy.Gen8
Antiy-AVL	Trojan/Generic.ASMalwS.3303
Google	Detected
Acronis	suspicious
McAfee	Trojan-FIGN
Malwarebytes	Bladabindi.Backdoor.Njrat.DDS
Tencent	Trojan.Win32.Bladabindi.16000442
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.PPV!tr
Panda	Generic Malware
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Generic.MSIL.Bladabindi.9D298473 (B)?

Generic.MSIL.Bladabindi.9D298473 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X