About “Generic.MSIL.Bladabindi.C7D40049” infection

The Generic.MSIL.Bladabindi.C7D40049 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.MSIL.Bladabindi.C7D40049 virus can do?

Attempts to connect to a dead IP:Port (1 unique times)
Creates RWX memory
Uses Windows utilities for basic functionality
Sniffs keystrokes

How to determine Generic.MSIL.Bladabindi.C7D40049?


File Info:
crc32: 68E56DB0
md5: 06c87399cc411f09c41979e3fa80a416
name: banananas.exe
sha1: 9f8145935f3df3de6ea82b7ec7d80cff2de0a037
sha256: c11aa389598e6f936fb8674b7144dcc7a3b0a237397c9af1a15be1aac9f4a5b1
sha512: 74c61d101dcc58d3d843d2b246820f2a0647d9125aa7ee7704d6aae186b92157898747967ad0dffe9379d2607833f99496e1eade493548317fc0d979f271fa31
ssdeep: 768:yKE2hOVvZVYzxDCPAYb+/CIEpv6oHQmIDUu0tiTa+j:D+6ahI6jQVk4j
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
0: [No Data]

Generic.MSIL.Bladabindi.C7D40049 also known as:

MicroWorld-eScan	Generic.MSIL.Bladabindi.C7D40049
FireEye	Generic.mg.06c87399cc411f09
CAT-QuickHeal	PUA.GenericFC.S6052795
McAfee	BackDoor-NJRat!06C87399CC41
Malwarebytes	Backdoor.Bladabindi
VIPRE	Backdoor.MSIL.Bladabindi.a (v)
Sangfor	Malware
K7AntiVirus	Trojan ( 700000121 )
BitDefender	Generic.MSIL.Bladabindi.C7D40049
K7GW	Trojan ( 700000121 )
Cybereason	malicious.9cc411
TrendMicro	BKDR_BLADABI.SMC
BitDefenderTheta	Gen:NN.ZemsilF.32515.bmW@aaqpV4f
Cyren	W32/MSIL_Bladabindi.A.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
Baidu	MSIL.Backdoor.Bladabindi.a
TrendMicro-HouseCall	BKDR_BLADABI.SMC
Avast	MSIL:Bladabindi-JK [Trj]
ClamAV	Win.Trojan.B-468
GData	Win32.Trojan-Spy.Bladabindi.BQ
Kaspersky	HEUR:Trojan.Win32.Generic
NANO-Antivirus	Trojan.Win32.Gen8.ecsqgn
Ad-Aware	Generic.MSIL.Bladabindi.C7D40049
Sophos	Mal/Bladabi-D
Comodo	Backdoor.MSIL.Bladabindi.BA@7oej5x
F-Secure	Trojan.TR/Dropper.Gen7
DrWeb	BackDoor.Bladabindi.15771
Zillya	Trojan.Bladabindi.Win32.99141
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Trojan.nm
SentinelOne	DFI – Malicious PE
Trapmine	malicious.high.ml.score
Emsisoft	Generic.MSIL.Bladabindi.C7D40049 (B)
APEX	Malicious
F-Prot	W32/MSIL_Bladabindi.A.gen!Eldorado
Jiangmin	Trojan/Refroso.dep
Avira	TR/Dropper.Gen7
Endgame	malicious (high confidence)
Arcabit	Generic.MSIL.Bladabindi.C7D40049
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Backdoor:MSIL/Bladabindi.B
AhnLab-V3	Trojan/Win32.Bladabindi.R130484
Acronis	suspicious
ALYac	Generic.MSIL.Bladabindi.C7D40049
MAX	malware (ai score=85)
VBA32	Trojan.Downloader
Cylance	Unsafe
Panda	Trj/GdSda.A
ESET-NOD32	a variant of MSIL/Bladabindi.AS
Rising	Backdoor.MSIL.Bladabindi!1.9E49 (CLASSIC)
Yandex	Trojan.Agent!VWvOp6RR4Ms
Ikarus	Backdoor.NJRat
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Agent.LI!tr
AVG	MSIL:Bladabindi-JK [Trj]
CrowdStrike	win/malicious_confidence_100% (D)
Qihoo-360	HEUR/QVM03.0.87E9.Malware.Gen

How to remove Generic.MSIL.Bladabindi.C7D40049?

Generic.MSIL.Bladabindi.C7D40049 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X