
Should I remove “Generic.MSIL.Bladabindi.F8D61F4C”?


Generic.MSIL.Bladabindi.F8D61F4C is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.MSIL.Bladabindi.F8D61F4C virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Anomalous .NET characteristics
  • Uses Windows utilities for basic functionality
  • CAPE detected the njRat malware family
  • Creates a copy of itself
  • Creates known Njrat/Bladabindi RAT registry keys

How to identify Generic.MSIL.Bladabindi.F8D61F4C?


File Info:

name: CC68E21EFE57020FBFEC.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-09-30 03:05:42

Version Info:

0: [No Data]

Generic.MSIL.Bladabindi.F8D61F4C also known as:

Bkav: W32.FamVT.binANHb.Worm
Elastic: Windows.Trojan.Njrat
DrWeb: Trojan.DownLoader23.25967
MicroWorld-eScan: Generic.MSIL.Bladabindi.F8D61F4C
FireEye: Generic.mg.cc68e21efe57020f
CAT-QuickHeal: Trojan.Generic.TRFH5
McAfee: Trojan-FIGN
Cylance: Unsafe
Zillya: Trojan.Disfa.Win32.27264
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 700000121 )
K7GW: Trojan ( 700000121 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: Gen:NN.ZemsilF.34698.bmW@aiJ7VTd
VirIT: Backdoor.Win32.Generic.AWM
Cyren: W32/MSIL_Bladabindi.AU.gen!Eldorado
Symantec: Backdoor.Ratenjay
ESET-NOD32: MSIL/Bladabindi.BH
APEX: Malicious
TrendMicro-HouseCall: BKDR_BLADABI.SMI
ClamAV: Win.Packed.Generic-9795615-0
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Generic.MSIL.Bladabindi.F8D61F4C
NANO-Antivirus: Trojan.Win32.Disfa.dtznyx
ViRobot: Backdoor.Win32.Bladabindi.Gen.A
Avast: MSIL:Agent-DRD [Trj]
Tencent: Trojan.Msil.Bladabindi.za
Ad-Aware: Generic.MSIL.Bladabindi.F8D61F4C
Sophos: ML/PE-A + Troj/DotNet-P
Comodo: Backdoor.MSIL.Bladabindi.A@566ygc
Baidu: MSIL.Backdoor.Bladabindi.a
VIPRE: Generic.MSIL.Bladabindi.F8D61F4C
TrendMicro: BKDR_BLADABI.SMC
McAfee-GW-Edition: BehavesLike.Win32.Trojan.mm
Trapmine: malicious.moderate.ml.score
Emsisoft: Trojan.Bladabindi (A)
SentinelOne: Static AI – Malicious PE
GData: MSIL.Backdoor.Bladabindi.AV
Jiangmin: TrojanDropper.Autoit.dce
Google: Detected
Avira: TR/Dropper.Gen7
MAX: malware (ai score=81)
Antiy-AVL: Trojan/Generic.ASBOL.A8F4
Microsoft: Backdoor:MSIL/Bladabindi
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/Zbot.24064
Acronis: suspicious
VBA32: TScope.Trojan.MSIL
ALYac: Generic.MSIL.Bladabindi.F8D61F4C
TACHYON: Backdoor/W32.DN-NjRat.24064.Y
Malwarebytes: Bladabindi.Backdoor.Njrat.DDS
Rising: Backdoor.njRAT!1.9E49 (CLASSIC)
Yandex: Trojan.Agent!28GjWDalpXI
Ikarus: Trojan.MSIL.Bladabindi
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Agent.LI!tr
AVG: MSIL:Agent-DRD [Trj]
Cybereason: malicious.efe570
Panda: Generic Malware

How to remove Generic.MSIL.Bladabindi.F8D61F4C?

Generic.MSIL.Bladabindi.F8D61F4C removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
