
What is “Generic.MSIL.Bladabindi.B2BA9B92”?


Generic.MSIL.Bladabindi.B2BA9B92 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.Bladabindi.B2BA9B92 virus do?

  • Injection (inter-process)
  • Injection with CreateRemoteThread in a remote process
  • Creates RWX memory
  • Reads data out of its own binary image
  • Uses Windows utilities for basic functionality
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • A potential decoy document was displayed to the user
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Harvests information related to installed mail clients
  • Anomalous binary characteristics

How to identify Generic.MSIL.Bladabindi.B2BA9B92?


File Info:

crc32: 0EF8AE83
md5: 10aa1519fe4f78011f126be8600a3daa
name: owoware.xyz.exe
sha1: d298acdeea705d5515a107bf0b0e65156835ba2f
sha256: 1c3ab4141b0a8a5b29ea94dbd72effda1ed7ded1f3651ae9df620f9dddbfcc79
sha512: 9f8c91845761436b07b022075e9ebe3e937cd0bf7edf6f12c98938d061601463707ff82e8a115df17d85b45f3c9c6331c60feb0ba7136bf4a36c121b127b1344
ssdeep: 384:OluBPiZCMfdfSJrQbsLRGSIxYVL46pg/i8BD9FmRvR6JZlbw8hqIusZzZvN:xOmhtI+Rpcnum
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

0: [No Data]

Generic.MSIL.Bladabindi.B2BA9B92 also known as:

Bkav: W32.AdonisC.Trojan
MicroWorld-eScan: Generic.MSIL.Bladabindi.B2BA9B92
FireEye: Generic.mg.10aa1519fe4f7801
CAT-QuickHeal: Backdoor.Bladabindi.AL3
McAfee: Trojan-FIGN
ALYac: Generic.MSIL.Bladabindi.B2BA9B92
Cylance: Unsafe
VIPRE: Backdoor.MSIL.Bladabindi.a (v)
Sangfor: Malware
K7AntiVirus: Trojan ( 700000121 )
BitDefender: Generic.MSIL.Bladabindi.B2BA9B92
K7GW: Trojan ( 700000121 )
Cybereason: malicious.9fe4f7
TrendMicro: BKDR_BLADABI.SMC
Baidu: MSIL.Backdoor.Bladabindi.a
F-Prot: W32/MSIL_Bladabindi.AU.gen!Eldorado
TotalDefense: Win32/DotNetDl.A!generic
APEX: Malicious
Avast: MSIL:Agent-DRD [Trj]
ClamAV: Win.Trojan.B-468
GData: MSIL.Backdoor.Bladabindi.AV
Kaspersky: Trojan.MSIL.Disfa.bqd
Alibaba: Backdoor:MSIL/Bladabindi.47830020
NANO-Antivirus: Trojan.Win32.Dwn.cvaozm
ViRobot: Backdoor.Win32.Bladabindi.Gen.A
AegisLab: Trojan.Win32.Generic.m0yY
Rising: Backdoor.MSIL.Bladabindi!1.9E49 (CLOUD)
Endgame: malicious (high confidence)
Emsisoft: Generic.MSIL.Bladabindi.B2BA9B92 (B)
Comodo: Backdoor.MSIL.Bladabindi.A@566ygc
F-Secure: Trojan.TR/Dropper.Gen7
DrWeb: BackDoor.Bladabindi.15042
Zillya: Backdoor.Agent.Win32.55242
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Trojan.mm
Trapmine: suspicious.low.ml.score
Sophos: Troj/DotNet-P
Ikarus: Trojan.MSIL.Bladabindi
Cyren: W32/MSIL_Bladabindi.AU.gen!Eldorado
Jiangmin: TrojanDropper.Autoit.dce
Webroot: W32.Trojan.Gen
Avira: TR/Dropper.Gen7
eGambit: Unsafe.AI_Score_100%
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Backdoor]/MSIL.Bladabindi.as
Arcabit: Generic.MSIL.Bladabindi.B2BA9B92
SUPERAntiSpyware: Trojan.Agent/Gen-Bladabindi
ZoneAlarm: Trojan.MSIL.Disfa.bqd
Microsoft: Backdoor:MSIL/Bladabindi
AhnLab-V3: Backdoor/Win32.Bladabindi.R91438
Acronis: suspicious
VBA32: Trojan.MSIL.Disfa
Ad-Aware: Generic.MSIL.Bladabindi.B2BA9B92
Malwarebytes: Backdoor.NJRat
Panda: Trj/GdSda.A
ESET-NOD32: MSIL/Bladabindi.BC
TrendMicro-HouseCall: BKDR_BLADABI.SMC
Tencent: Msil.Trojan.Disfa.Dwtm
Yandex: Trojan.Disfa!QAyAlDJYQNw
SentinelOne: DFI – Malicious PE
MaxSecure: Trojan.Malware.8325738.susgen
Fortinet: MSIL/Agent.LI!tr
BitDefenderTheta: Gen:NN.ZemsilF.34084.bmW@aeQcSEe
AVG: MSIL:Agent-DRD [Trj]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (W)
Qihoo-360: Win32/Trojan.841

How to remove Generic.MSIL.Bladabindi.B2BA9B92?

Generic.MSIL.Bladabindi.B2BA9B92 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
