Mal/Generic-R + Mal/VB-F malicious file

The Mal/Generic-R + Mal/VB-F is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Mal/Generic-R + Mal/VB-F virus can do?

Behavioural detection: Executable code extraction – unpacking
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Mal/Generic-R + Mal/VB-F?


File Info:
name: BDAABB91F0B973D21628.mlw
path: /opt/CAPEv2/storage/binaries/038066dde681d10e21be29710383fba654acdc2f4f8272aa9c196ebd3b31edec
crc32: 611CB1EC
md5: bdaabb91f0b973d216281c79303e6209
sha1: 18097efde7c8d386f31821d01e4b62fa49584cc5
sha256: 038066dde681d10e21be29710383fba654acdc2f4f8272aa9c196ebd3b31edec
sha512: 6a4bfe09a00e165d20cd70cff644104959bb7e553e4e131df34163c435dc3aff5b14358fbd182d9e6b6612af971bc46a47331c876dbd35914502bfd4005b552d
ssdeep: 96:/lxb+hZjE4Jv9X9wkseySbgnFC4JNGCub65dVXs5yqiz/qEz/738yGwSapIjrMhV:/TN4jsJ44JEfCRzyEzofiWrW+V
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AB927123F97C48B2F65987B30E7787A904177C116A219E0B798EBF6D1C316822DF161B
sha3_384: e0bedfd8f5b9fd92ea2186e21444e2ad6b9eea8ca051f9ff713fed7591088b5eea812a3f7ae6caeb3d948b6d872b3514
ep_bytes: 68c8134000e8f0ffffff000000000000
timestamp: 2012-03-20 06:58:48

Version Info:
Translation: 0x0409 0x04b0
CompanyName: indomarco
ProductName: MyRat_S
FileVersion: 1.00
ProductVersion: 1.00
InternalName: MyRat_S
OriginalFilename: MyRat_S.exe

Mal/Generic-R + Mal/VB-F also known as:

Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Gen:Trojan.Heur.bm0@fz5RaFgi
FireEye	Gen:Trojan.Heur.bm0@fz5RaFgi
McAfee	Artemis!BDAABB91F0B9
Sangfor	Riskware.Win32.Agent.ky
Alibaba	Trojan:Win32/Generic.33dcb598
Cyren	W32/VBTrojan.17E!Maximus
Symantec	Trojan.Gen.MBT
APEX	Malicious
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Trojan.Heur.bm0@fz5RaFgi
NANO-Antivirus	Trojan.Win32.VBTrojan.dhjbtt
Avast	Win32:Malware-gen
Tencent	Win32.Trojan.Heur.Pjdq
Ad-Aware	Gen:Trojan.Heur.bm0@fz5RaFgi
Emsisoft	Gen:Trojan.Heur.bm0@fz5RaFgi (B)
TrendMicro	TROJ_GEN.R002C0RKJ21
McAfee-GW-Edition	BehavesLike.Win32.Trojan.mz
Sophos	Mal/Generic-R + Mal/VB-F
MAX	malware (ai score=89)
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Trojan:Win32/Wacatac.B!ml
ViRobot	Trojan.Win32.Z.Agent.20480.JXN
GData	Gen:Trojan.Heur.bm0@fz5RaFgi
BitDefenderTheta	AI:Packer.A3E6DA0F1C
ALYac	Gen:Trojan.Heur.bm0@fz5RaFgi
VBA32	Trojan.VB.gen
TrendMicro-HouseCall	TROJ_GEN.R002C0RKJ21
AVG	Win32:Malware-gen
MaxSecure	Trojan.Malware.300983.susgen

How to remove Mal/Generic-R + Mal/VB-F?

Mal/Generic-R + Mal/VB-F removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X