Mal/VBbl-PP information

Mal/VBbl-PP is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
6-day free trial available.

What can the Mal/VBbl-PP virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Mal/VBbl-PP?


File Info:

name: 1D598CF681828CAD4441.mlw
path: /opt/CAPEv2/storage/binaries/559709819504f01d5cc74a70b4ec12cbed2423334533a8b33691386795f03cf8
crc32: 203C146E
md5: 1d598cf681828cad44419a837627faa0
sha1: c6f5d7b357c79f32ff5662e13863ac3c21614e6a
sha256: 559709819504f01d5cc74a70b4ec12cbed2423334533a8b33691386795f03cf8
sha512: 13dce72a9122aeb9fad25f66f81002e0d1c3c0acf8ef30edf0086c6f05edee1aaa297af99dc09490e609dbb6883cee72d4a77f0548b90875ea728a6e05b92b99
ssdeep: 6144:0kV9pubEah8qkL3kbkVleukkdw2KMYeV9pubEah8qkL3kbkVleuF:F9mHTkL3kbkVlnknZe9mHTkL3kbkVln
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BEF4079D3BC68C0AC1747939097BF53596E23C0C2727945EF6A93BAE7832C683D96143
sha3_384: 86e9ab1b7f387949948e4f00f5d0275a9151dd6f8ed94789881a0994f6e31dbc78a863fed5ec0626b9bb4ca66ad05cda
ep_bytes: 68d4094500e8f0ffffff000048000000
timestamp: 2012-09-17 04:49:15

Version Info:

Translation: 0x0409 0x04b0
CompanyName: WRSoft.org
ProductName: Client
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Client
OriginalFilename: Client.exe

Mal/VBbl-PP also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.VB.b!c
MicroWorld-eScan: Gen:Heur.VB.Krypt.13
CAT-QuickHeal: Trojan.VBCrypt.MF.9613
McAfee: Artemis!1D598CF68182
Zillya: Dropper.VB.Win32.52629
Sangfor: Trojan.Win32.Agent.V7th
Cybereason: malicious.681828
BitDefenderTheta: AI:Packer.D595929120
Cyren: W32/VBCrypt.A!Generic
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Heur.VB.Krypt.13
NANO-Antivirus: Trojan.Win32.VBTrojan.bcmcou
Avast: Win32:Trojan-gen
Emsisoft: Gen:Heur.VB.Krypt.13 (B)
VIPRE: Gen:Heur.VB.Krypt.13
TrendMicro: TROJ_GEN.R002C0RDM23
McAfee-GW-Edition: BehavesLike.Win32.Infected.bt
Trapmine: malicious.high.ml.score
FireEye: Gen:Heur.VB.Krypt.13
Sophos: Mal/VBbl-PP
GData: Gen:Heur.VB.Krypt.13
Webroot: W32.Trojan.Gen
Google: Detected
Antiy-AVL: Trojan[Dropper]/Win32.VB
Xcitium: Malware@#3g6hskao6e5kj
Arcabit: Trojan.VB.Krypt.13
ZoneAlarm: UDS:DangerousObject.Multi.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
VBA32: Malware-Cryptor.VB.gen.2
ALYac: Gen:Heur.VB.Krypt.13
Cylance: unsafe
Panda: Generic Malware
TrendMicro-HouseCall: TROJ_GEN.R002C0RDM23
Rising: Trojan.VBInject!1.64FE (CLOUD)
Yandex: Trojan.GenAsa!9iQii2tA2OI
MaxSecure: Trojan.Malware.1728101.susgen
Fortinet: W32/VB.BL
AVG: Win32:Trojan-gen
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_60% (D)

How to remove Mal/VBbl-PP?

Mal/VBbl-PP removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
