Troj/VBinj-YK removal instruction

Troj/VBinj-YK is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Troj/VBinj-YK virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to disable Windows Auto Updates
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Troj/VBinj-YK?

File Info:

name: 43688C126671EDBAAE71.mlw
path: /opt/CAPEv2/storage/binaries/e5f87a2741487172eb711f15f901e8f6a53a4e6afe6c9ed5abdbe80318c56f8a
crc32: 6DB5B0D4
md5: 43688c126671edbaae71ef22494fb27b
sha1: 54f950b100c8bcc7d610b98a9105336fb58770b7
sha256: e5f87a2741487172eb711f15f901e8f6a53a4e6afe6c9ed5abdbe80318c56f8a
sha512: e7b38487320245c32395c300a93d46c6d57af0425a994c8a7c55048384a009e259f23cebceaac3076f6db956762d690b2c46311958e8ecac19b2f10fde6ea54d
ssdeep: 3072:uyntFb0tQ9nLHbB9WJvA7DejJuKvEhfm:h4QxL7B9WSvejJuB
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14434F5933F36B445F86566306CFB86FA7783F84C4A1701475B30226A9EDBE722D24693
sha3_384: 2c44c96354fed65d2b31075e8a9903b3a5405637305c665672a863b99a2276d765da9c66ff4f204af273d5afbafca105
ep_bytes: 6824124000e8eeffffff000000000000
timestamp: 2002-06-21 10:26:09

Version Info:

0: [No Data]

Troj/VBinj-YK also known as:

Bkav: W32.AIDetectMalware
DrWeb: Win32.HLLW.Autoruner1.15097
MicroWorld-eScan: Generic.Dacic.0B66ABC5.A.E5EF630E
CAT-QuickHeal: Trojan.Beebone.D
Skyhigh: BehavesLike.Win32.VBObfus.dt
McAfee: VBObfus.dv
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: EmailWorm ( 003c363a1 )
K7GW: EmailWorm ( 003c363a1 )
CrowdStrike: win/malicious_confidence_100% (W)
Arcabit: Generic.Dacic.0B66ABC5.A.E5EF630E
BitDefenderTheta: Gen:NN.ZevbaF.36680.pqZ@aW6Pgvm
VirIT: Trojan.Win32.Cryptor.H
Symantec: W32.Changeup
Elastic: malicious (high confidence)
ESET-NOD32: Win32/AutoRun.VB.AVF
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Trojan.Acnu-7601993-0
Kaspersky: Trojan.Win32.VB.budw
BitDefender: Generic.Dacic.0B66ABC5.A.E5EF630E
NANO-Antivirus: Trojan.Win32.VB.rilpg
Avast: Win32:VB-ADDH [Trj]
Tencent: Trojan.Win32.Vb.wb
Emsisoft: Generic.Dacic.0B66ABC5.A.E5EF630E (B)
F-Secure: Trojan.TR/Dropper.Gen
Baidu: Win32.Worm.VB.mf
VIPRE: Generic.Dacic.0B66ABC5.A.E5EF630E
TrendMicro: TROJ_AGENT_037768.TOMB
Sophos: Troj/VBinj-YK
Ikarus: Virus.Win32.Cryptor
Jiangmin: Trojan/VB.clfr
Varist: W32/Agent.GOO.gen!Eldorado
Avira: TR/Dropper.Gen
Antiy-AVL: Virus/Win64.Expiro.rsrc
Kingsoft: malware.kb.a.1000
Xcitium: TrojWare.Win32.VB.AVF@4ol6o1
Microsoft: PWS:Win32/Fareit!pz
ViRobot: Trojan.Win32.A.VB.200704.H
ZoneAlarm: Trojan.Win32.VB.budw
GData: Win32.Trojan.PSE1.ARBXVV
Google: Detected
AhnLab-V3: Trojan/Win.VB.R560502
Acronis: suspicious
VBA32: SScope.Malware-Cryptor.VBCR.3042
ALYac: Generic.Dacic.0B66ABC5.A.E5EF630E
TACHYON: Trojan/W32.VB-Agent.245760.BS
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_AGENT_037768.TOMB
Rising: Worm.Pronny!1.E3E8 (CLASSIC)
Yandex: Trojan.GenAsa!dMYWIGcmXQw
SentinelOne: Static AI – Malicious PE
Fortinet: W32/VBObfus.AU!tr
AVG: Win32:VB-ADDH [Trj]
Cybereason: malicious.100c8b
DeepInstinct: MALICIOUS

How to remove Troj/VBinj-YK?

Troj/VBinj-YK removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.