About “NewHeur_VB_Downloader.13” infection

NewHeur_VB_Downloader.13 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the NewHeur_VB_Downloader.13 virus do?

  • Executable code extraction
  • A process attempted to delay the analysis task.
  • Network activity detected but not expressed in API logs
  • Harvests information related to installed mail clients
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify NewHeur_VB_Downloader.13?


File Info:

crc32: 1702EF9E
md5: 146ea15877901848560f3aeb720ecd1b
name: 146EA15877901848560F3AEB720ECD1B.mlw
sha1: b85c216518854d6a90f09ed020ccfb7c8956a670
sha256: 8a85905bf2390685720a73fe9dc99b32ce3ba4844e6382e7cf6d1e080409d275
sha512: f2bb48f80841cc7a3c9e1f47dd7e8604ec37ed4c7f8faa938ea26daeae3987de044a71969c51cef12627a47430f97934497bbc8a6c9457a8e61e93cae0a5b207
ssdeep: 1536:08drS9y28FbhnV894qsFPhKt8GQ0GkY9P37mPzkFjwyyAa:pdrZrhvNhKt8WY9P37CzWTva
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: ddd
FileVersion: 1.00
CompanyName: Lehmann Brothers
ProductName: DownLow3
ProductVersion: 1.00
OriginalFilename: ddd.exe

NewHeur_VB_Downloader.13 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Johnnie.248454
CAT-QuickHeal: Trojan.Wacatac
Qihoo-360: Win32/TrojanSpy.Generic.HgIASOYA
ALYac: Gen:Variant.Johnnie.248454
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0050a9921 )
BitDefender: Gen:Variant.Johnnie.248454
K7GW: Trojan ( 0050a9921 )
Cybereason: malicious.877901
BitDefenderTheta: Gen:NN.ZevbaF.34804.gm0@a08EgNfi
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: Trojan.Win32.PowerShell.bms
Alibaba: Trojan:Win32/PowerShell.7d3284e5
AegisLab: Trojan.Win32.Johnnie.4!c
Rising: Malware.Undefined!8.C (CLOUD)
Ad-Aware: Gen:Variant.Johnnie.248454
Sophos: Mal/Generic-S
Comodo: Malware@#1cwb4l5wyb3vq
F-Secure: Trojan.TR/Spy.Gen
TrendMicro: TROJ_GEN.R003C0GB621
McAfee-GW-Edition: BehavesLike.Win32.Fareit.cm
FireEye: Generic.mg.146ea15877901848
Emsisoft: Gen:Variant.Johnnie.248454 (B)
Ikarus: Trojan.NewHeur_VB_Downloader
Webroot: W32.Trojan.TR.Spy
Avira: TR/Spy.Gen
Antiy-AVL: Trojan/Win32.PowerShell
Microsoft: Trojan:Win32/Tiggre!rfn
Gridinsoft: Trojan.Win32.Downloader.oa
Arcabit: Trojan.Johnnie.D3CA86
ZoneAlarm: Trojan.Win32.PowerShell.bms
GData: Gen:Variant.Johnnie.248454
Cynet: Malicious (score: 85)
McAfee: Artemis!146EA1587790
MAX: malware (ai score=85)
Malwarebytes: Trojan.Downloader
Panda: Trj/GdSda.A
ESET-NOD32: a variant of NewHeur_VB_Downloader.13
TrendMicro-HouseCall: TROJ_GEN.R003C0GB621
Tencent: Win32.Trojan.Spy.Dwtq
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/PowerShell.BMS!tr
AVG: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_90% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove NewHeur_VB_Downloader.13?

NewHeur_VB_Downloader.13 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
