
What is “Mal/Generic-S + Troj/Bladab-AES”?

Malware Removal

The Mal/Generic-S + Troj/Bladab-AES is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Mal/Generic-S + Troj/Bladab-AES virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Mal/Generic-S + Troj/Bladab-AES?

File Info:

name: DB1894B0BA5B919BDAD2.mlw
path: /opt/CAPEv2/storage/binaries/410fdedab7532f838e380b480c9f746113dd417af04be079c8c1de9831d95374
crc32: DCFF6A8B
md5: db1894b0ba5b919bdad2311a56d8e50c
sha1: 6f274437761b2bb065da27fb2489c4105be1db08
sha256: 410fdedab7532f838e380b480c9f746113dd417af04be079c8c1de9831d95374
sha512: ca53bb5acf7cd34aec83fb3a24e11235665d8110ccb534eb6de445dd4bfc7b287f73a21d0d97812625d61577c0e0fb738c080c6cab98d927c5f443899b9607a9
ssdeep: 24576:MOGthoKOQa9/3Jybn6p7xrnlgKxQRncwAZ:MOuiKODY6p0Kxan
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T12A15AD3F75AD272FC175C775AAF09433B1409EA77200A994B4C69B6E0352A8E35C13EE
sha3_384: e191d11e0570aa8ebede19934fd30c885d39b331ccffc1d3a4ce5f9d15d259f2baed88010011c43893586f1c81b880c8
ep_bytes: ff250020400000000000000000000000
timestamp: 2073-12-17 19:34:58

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Galaxy Man
FileDescription: GhostParty
FileVersion: 5.0.0.0
InternalName: PublisherMembershipConditi.exe
LegalCopyright: Copyright © Galaxy Man
LegalTrademarks:
OriginalFilename: PublisherMembershipConditi.exe
ProductName: GhostParty
ProductVersion: 5.0.0.0
Assembly Version: 2.0.0.0

Mal/Generic-S + Troj/Bladab-AES also known as:

Lionic: Trojan.MSIL.Agensla.i!c
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Stealer.21240
MicroWorld-eScan: Trojan.GenericKD.38921922
FireEye: Generic.mg.db1894b0ba5b919b
McAfee: AgentTesla-FDGR!DB1894B0BA5B
Cylance: Unsafe
Sangfor: Infostealer.MSIL.Agensla.gen
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Trojan:Win32/Kryptik.ali2000016
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.7761b2
Cyren: W32/MSIL_Kryptik.GOJ.gen!Eldorado
Symantec: Scr.Malcode!gdn30
ESET-NOD32: a variant of MSIL/Kryptik.AEFO
TrendMicro-HouseCall: TrojanSpy.MSIL.NEGASTEAL.SMG
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender: Trojan.GenericKD.38921922
Avast: Win32:PWSX-gen [Trj]
Ad-Aware: Trojan.GenericKD.38921922
Sophos: Mal/Generic-S + Troj/Bladab-AES
TrendMicro: TrojanSpy.MSIL.NEGASTEAL.SMG
McAfee-GW-Edition: AgentTesla-FDGR!DB1894B0BA5B
Emsisoft: Trojan.GenericKD.38921922 (B)
Ikarus: Trojan-Dropper.MSIL.Agent
Avira: TR/AD.GenSteal.hidzd
Kingsoft: Win32.PSWTroj.Undef.(kcloud)
Microsoft: Trojan:MSIL/AgentTesla.RV!MTB
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D251E6C2
GData: Trojan.GenericKD.38921922
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.NEGASTEAL.C4960432
VBA32: Malware-Cryptor.MSIL.AgentTesla.Heur
ALYac: Trojan.GenericKD.38921922
Malwarebytes: Trojan.Crypt.MSIL.Generic
APEX: Malicious
Yandex: Trojan.Igent.bXrGb9.49
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: PossibleThreat.ARN.H
AVG: Win32:PWSX-gen [Trj]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Mal/Generic-S + Troj/Bladab-AES?

Mal/Generic-S + Troj/Bladab-AES removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
