Should I remove “SScope.Trojan.VBRA.6299”?

The SScope.Trojan.VBRA.6299 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What SScope.Trojan.VBRA.6299 virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Authenticode signature is invalid

How to determine SScope.Trojan.VBRA.6299?


File Info:
name: 2F9AC1EBD247CB8BEDC4.mlw
path: /opt/CAPEv2/storage/binaries/3251cd95585a093bd5ecc45c67d6da65e8772fea29e5557ca288e9b47c0bc148
crc32: E67C6D91
md5: 2f9ac1ebd247cb8bedc485d61cfdec3a
sha1: 8ae542acbf291fb87bea1110f7ad371ef84a1711
sha256: 3251cd95585a093bd5ecc45c67d6da65e8772fea29e5557ca288e9b47c0bc148
sha512: 370d35ad35a9b4c3be9a14f17e735d5129d39d55432fc4953c2245ad9f45390be92a7a5a9322775ed4ab35c35ae888e06260d0c183e3832af3032f94a960d817
ssdeep: 6144:v0dAmC9ma7LM+EuoN5Maj//G1DSMMyTDb1XJTxUoS7:08n7g+Ev5F/2DSMMSDbdJdUoS7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14454237E527B766CC14B03351EB28F890428FE1C92CD016BF0D5F99A97BCA446B36178
sha3_384: bfaa6eab6a05a1f0404cc6606a32ec484776688640a65394a704eb5c3320489bd121538446c8af9993d8d0b630c4e1c7
ep_bytes: 60be00305b008dbe00e0e4ff5789e58d
timestamp: 2011-02-21 19:16:29

Version Info:
Translation: 0x0409 0x04b0
Comments: EWXFNWXDO
CompanyName: WVQPRKIRL
FileDescription: PZCSYTDUA
ProductName: IHZVLTAJK
FileVersion: 17.15.0009
ProductVersion: 17.15.0009
InternalName: undgpxa
OriginalFilename: undgpxa.exe

SScope.Trojan.VBRA.6299 also known as:

Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.MulDrop3.21280
MicroWorld-eScan	Gen:Heur.ManBat.1
FireEye	Generic.mg.2f9ac1ebd247cb8b
McAfee	PWS-Spyeye.el
Malwarebytes	Malware.AI.4251118812
Zillya	Trojan.VBKrypt.Win32.129311
K7AntiVirus	Trojan ( 0021a0b51 )
Alibaba	Trojan:Win32/Injector.29204d8a
K7GW	Trojan ( 0021a0b51 )
CrowdStrike	win/malicious_confidence_100% (W)
BitDefenderTheta	AI:Packer.EC0F5AC920
Cyren	W32/Trojan.FDCS-8756
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Injector.EYU
TrendMicro-HouseCall	TROJ_GEN.R002C0PKR21
Paloalto	generic.ml
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Heur.ManBat.1
NANO-Antivirus	Trojan.Win32.Drop.ecjudo
Avast	Win32:Evo-gen [Susp]
Tencent	Malware.Win32.Gencirc.10cf8f67
Ad-Aware	Gen:Heur.ManBat.1
Emsisoft	Gen:Heur.ManBat.1 (B)
Comodo	TrojWare.Win32.VBKrypt.cjub@4vg4ee
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.R002C0PKR21
McAfee-GW-Edition	BehavesLike.Win32.PWSSpyeye.dc
Sophos	ML/PE-A + Mal/VB-UY
SentinelOne	Static AI – Malicious PE
GData	Gen:Heur.ManBat.1
Jiangmin	Trojan/VBKrypt.hgqd
eGambit	Unsafe.AI_Score_91%
Avira	TR/Dropper.Gen
MAX	malware (ai score=84)
Antiy-AVL	Trojan/Generic.ASMalwS.18A0D35
ViRobot	Trojan.Win32.Z.Vbkrypt.296972
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
Cynet	Malicious (score: 100)
VBA32	SScope.Trojan.VBRA.6299
ALYac	Gen:Heur.ManBat.1
APEX	Malicious
Yandex	Trojan.VBKrypt!6Cs3ayBiGQk
Ikarus	Trojan.Win32.VBKrypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Injector.MQI!tr
AVG	Win32:Evo-gen [Susp]
Cybereason	malicious.bd247c

How to remove SScope.Trojan.VBRA.6299?

SScope.Trojan.VBRA.6299 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X