Trojan-Spy.Win32.Stealer.bbrw removal

The Trojan-Spy.Win32.Stealer.bbrw is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Spy.Win32.Stealer.bbrw virus can do?

Behavioural detection: Executable code extraction – unpacking
Possible date expiration check, exits too soon after checking local time
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Trojan-Spy.Win32.Stealer.bbrw?


File Info:
name: 608975CBD192BC7984C4.mlw
path: /opt/CAPEv2/storage/binaries/cff05d59a22adc9e64c47e1b87d1ba9fd1595943e50f74a4b61a3007cdc35b29
crc32: 360779B2
md5: 608975cbd192bc7984c421d3cad72335
sha1: b0b05b1a135c469ea15799b71b63d3aed3fb27b3
sha256: cff05d59a22adc9e64c47e1b87d1ba9fd1595943e50f74a4b61a3007cdc35b29
sha512: 67f4371d0831248ba92bae1babb278a5a8939decd3565920784f1ab3cbf9533709945a0972ee58ad0ce15721de71130c97d698f8808d8bcbcad574cee573637f
ssdeep: 98304:QKE5ecmuv3LPCU3gzd/w9PofUa0fJahz0c:3ey67CUQlw9KUa79x
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C3563389D1C052AF8BDB6E72E8820BB7429971B46457CD3B69E05CC1F2812FE9C5C7D8
sha3_384: 7b5998001940b2cbdefdcdc26985061d1dac58e1ae48c05c4506cc07f17d2ccafb0c4ed2423253344f604d9e52dcddd8
ep_bytes: e8893c61006a00ff15a460a100c38c00
timestamp: 2022-01-21 15:33:45

Version Info:
0: [No Data]

Trojan-Spy.Win32.Stealer.bbrw also known as:

Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
FireEye	Generic.mg.608975cbd192bc79
ALYac	Gen:Variant.ExNuma.1
Cylance	Unsafe
Sangfor	Backdoor.MSIL.Bladabindi.gen
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	VirTool:Win32/Pucrpt.9250d358
K7GW	Trojan ( 0058ba4c1 )
K7AntiVirus	Trojan ( 0058ba4c1 )
BitDefenderTheta	Gen:NN.ZexaF.34182.@pW@aylIy9
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HNPY
TrendMicro-HouseCall	TROJ_GEN.R002C0DB322
Paloalto	generic.ml
Kaspersky	Trojan-Spy.Win32.Stealer.bbrw
BitDefender	Gen:Variant.ExNuma.1
MicroWorld-eScan	Gen:Variant.ExNuma.1
Avast	Win32:TrojanX-gen [Trj]
Emsisoft	Gen:Variant.ExNuma.1 (B)
F-Secure	Heuristic.HEUR/AGEN.1119113
TrendMicro	TROJ_GEN.R002C0DB322
McAfee-GW-Edition	BehavesLike.Win32.Generic.vh
Sophos	Mal/Generic-S
Ikarus	Trojan.Win32.Krypt
Avira	HEUR/AGEN.1119113
Gridinsoft	Ransom.Win32.Bladabindi.sa
Microsoft	VirTool:Win32/Pucrpt.A!MTB
ZoneAlarm	Trojan-Spy.Win32.Stealer.bbrw
GData	Gen:Variant.ExNuma.1
AhnLab-V3	Trojan/Win.Generic.R442079
McAfee	GenericRXRE-WR!608975CBD192
MAX	malware (ai score=83)
VBA32	BScope.TrojanSpy.Stealer
Malwarebytes	Backdoor.AsyncRAT
APEX	Malicious
Rising	Backdoor.Crysan!8.10ECA (CLOUD)
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Kryptik.HNPY!tr
AVG	Win32:TrojanX-gen [Trj]
Cybereason	malicious.bd192b
Panda	Trj/GdSda.A

How to remove Trojan-Spy.Win32.Stealer.bbrw?

Trojan-Spy.Win32.Stealer.bbrw removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X