Troj/VB-KUP (file analysis)

Many security experts consider Troj/VB-KUP dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Troj/VB-KUP virus do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventional language used in binary resources: Macedonian
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Anomalous binary characteristics

How to identify Troj/VB-KUP?

File Info:

crc32: 4710E975
md5: ef0e4743099131a526895078e884b640
name: tmpjn200tf5
sha1: 8e7683581f7855d988f4253997dfb4fc6547defc
sha256: bf8a23d12b3fdefaf42ff670523c3990d2ac97a3c951e0d075a32dee698fa44c
sha512: 6fe6c9e6c5290df30b62efcb6d2ab35a4c9762be4d91562c64508c0f8d3f474d4d53f53de4499fb568b3053c5d4357efcde4ef11c51001abe6d388671da46008
ssdeep: 12288:O6X/R7yk6zOPqVakU98MktuIvUrcxI+Fgt1jHxCx09RXB8qC/FEucAdq4gZt2w:Og7yk6zOPqVakBuIvUrcxI+Fgt1jRCG5
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: (c) David K Richmond
InternalName: MediaMDGCLibrarySample
FileVersion: 6.01
CompanyName: David K Richmond
LegalTrademarks: All code is property of David K Richmond
Comments: MediaLibrary Disk/Memory Sample (Demonstration of BSTN class) inc. Garbage Collection and Delete Disk Media
ProductName: MediaLibrary Sample BETA (new beta disk file version)
ProductVersion: 6.01
FileDescription: MediaLibrary (includes Beta Disk File Access wrapper in BSTN Class) Media Disk Delete Implemented and some bug fixes.
OriginalFilename: MediaMDGCLibrarySample.exe

Troj/VB-KUP also known as:

DrWeb: Trojan.Packed.140
MicroWorld-eScan: Trojan.GenericKDZ.68028
FireEye: Generic.mg.ef0e4743099131a5
CAT-QuickHeal: Trojan.Mansabo
Qihoo-360: Win32/Trojan.BO.24d
McAfee: GenericRXLC-PM!EF0E47430991
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
CrowdStrike: win/malicious_confidence_70% (W)
BitDefender: Trojan.GenericKDZ.68028
K7GW: Trojan ( 005694731 )
K7AntiVirus: Trojan ( 005694731 )
TrendMicro: TROJ_GEN.R002C0DFM20
BitDefenderTheta: Gen:NN.ZevbaF.34130.Km0@a05tkhdO
Cyren: W32/VBKrypt.ANI.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:TrojanX-gen [Trj]
GData: Trojan.GenericKDZ.68028
Kaspersky: Trojan.Win32.Mansabo.fev
AegisLab: Trojan.Win32.Mansabo.4!c
Rising: Trojan.Kryptik!1.C606 (CLOUD)
Ad-Aware: Trojan.GenericKDZ.68028
TACHYON: Trojan/W32.VB-Mansabo.593920.B
Sophos: Troj/VB-KUP
F-Secure: Trojan.TR/AD.TrickBot.umxpi
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Dropper.hh
Emsisoft: Trojan.GenericKDZ.68028 (B)
Ikarus: Trojan.Win32.Injector
F-Prot: W32/VBKrypt.ANI.gen!Eldorado
Jiangmin: Trojan.Mansabo.bqt
Avira: TR/AD.TrickBot.umxpi
Antiy-AVL: Trojan/Win32.Mansabo
Endgame: malicious (high confidence)
Arcabit: Trojan.Generic.D109BC
ZoneAlarm: Trojan.Win32.Mansabo.fev
Microsoft: Trojan:Win32/Trickbot.VB!MTB
Cynet: Malicious (score: 85)
AhnLab-V3: Trojan/Win32.Trickbot.C4134376
VBA32: TScope.Trojan.VB
ALYac: Trojan.GenericKDZ.68028
MAX: malware (ai score=81)
Malwarebytes: Trojan.TrickBot
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Injector.EMKQ
TrendMicro-HouseCall: TROJ_GEN.R002C0DFM20
Tencent: Malware.Win32.Gencirc.10cdd705
Yandex: Trojan.Injector!NFjCD1s5x0o
SentinelOne: DFI – Suspicious PE
Fortinet: W32/Injector.EMKQ!tr
AVG: Win32:TrojanX-gen [Trj]

How to remove Troj/VB-KUP?

Troj/VB-KUP removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.