Should I remove “Generic.MSIL.Bladabindi.B2D63CBB”?

Generic.MSIL.Bladabindi.B2D63CBB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.Bladabindi.B2D63CBB virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Uses Windows utilities for basic functionality
  • Sniffs keystrokes
  • Installs itself for autorun at Windows startup
  • CAPE detected the njRat malware family
  • Creates known Njrat/Bladabindi RAT registry keys

How to identify Generic.MSIL.Bladabindi.B2D63CBB?


File Info:

name: 48ED9A8DB710DCD6D0D8.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-08-06 18:10:17

Version Info:

0: [No Data]

Generic.MSIL.Bladabindi.B2D63CBB also known as:

Vendor | Detection
Bkav | W32.FamVT.binANHb.Worm
Lionic | Trojan.Win32.Generic.mAmC
Elastic | Windows.Trojan.Njrat
MicroWorld-eScan | Generic.MSIL.Bladabindi.B2D63CBB
FireEye | Generic.mg.48ed9a8db710dcd6
CAT-QuickHeal | Trojan.Generic.TRFH5
ALYac | Generic.MSIL.Bladabindi.B2D63CBB
Cylance | Unsafe
Sangfor | Suspicious.Win32.Save.a
K7AntiVirus | Trojan ( 700000121 )
BitDefender | Generic.MSIL.Bladabindi.B2D63CBB
K7GW | Trojan ( 700000121 )
Cybereason | malicious.db710d
Baidu | MSIL.Backdoor.Bladabindi.a
VirIT | Backdoor.Win32.Generic.AWM
Cyren | W32/MSIL_Bladabindi.AU.gen!Eldorado
Symantec | Backdoor.Ratenjay
ESET-NOD32 | MSIL/Bladabindi.AS
APEX | Malicious
Paloalto | generic.ml
ClamAV | Win.Packed.Generic-9795615-0
Kaspersky | Backdoor.MSIL.Bladabindi.p
Alibaba | Trojan:Win32/Bladabindi.374
NANO-Antivirus | Trojan.Win32.Bladabindi.eronkr
ViRobot | Backdoor.Win32.Bladabindi.Gen.A
Rising | Backdoor.njRAT!1.9E49 (CLASSIC)
Ad-Aware | Generic.MSIL.Bladabindi.B2D63CBB
TACHYON | Backdoor/W32.DN-Bladabindi.24064.AM
Sophos | ML/PE-A + Troj/MSIL-HX
Comodo | Backdoor.MSIL.Bladabindi.A@566ygc
DrWeb | BackDoor.Bladabindi.13678
Zillya | Backdoor.Agent.Win32.55242
TrendMicro | BKDR_BLADABI.SMC
McAfee-GW-Edition | BehavesLike.Win32.BackdoorNJRat.mm
Trapmine | malicious.moderate.ml.score
Emsisoft | Trojan.Bladabindi (A)
Ikarus | Trojan.MSIL.Bladabindi
Jiangmin | TrojanDropper.Autoit.dce
Webroot | W32.Trojan.Gen
Avira | TR/Dropper.Gen7
Antiy-AVL | Trojan/Generic.ASBOL.A41
Microsoft | Backdoor:MSIL/Bladabindi
GData | MSIL.Backdoor.Bladabindi.AV
Cynet | Malicious (score: 100)
AhnLab-V3 | Backdoor/Win32.Bladabindi.R91438
Acronis | suspicious
McAfee | Trojan-FIGN
MAX | malware (ai score=80)
VBA32 | Trojan.MSIL.Disfa
Malwarebytes | Bladabindi.Backdoor.Njrat.DDS
Panda | Trj/CI.A
TrendMicro-HouseCall | BKDR_BLADABI.SMI
Tencent | Trojan.Msil.Bladabindi.za
SentinelOne | Static AI – Malicious PE
MaxSecure | Trojan.Malware.300983.susgen
Fortinet | MSIL/Agent.LI!tr
BitDefenderTheta | Gen:NN.ZemsilF.34582.bmW@aqwgcCj
AVG | MSIL:Agent-DRD [Trj]
Avast | MSIL:Agent-DRD [Trj]
CrowdStrike | win/malicious_confidence_100% (W)

How to remove Generic.MSIL.Bladabindi.B2D63CBB?

Generic.MSIL.Bladabindi.B2D63CBB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
