What is “Trojan.VBCryptVMF.S29961223”?

Trojan.VBCryptVMF.S29961223 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.VBCryptVMF.S29961223 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Trojan.VBCryptVMF.S29961223?


File Info:

name: 21C7D58CC5BE2B1E2B73.mlw
path: /opt/CAPEv2/storage/binaries/6f7ba49ed7092d7364ac59120601a918a3bbf08ce7c70c9d536e0d73222041a3
crc32: 0308207D
md5: 21c7d58cc5be2b1e2b7307e085165b9a
sha1: fec98f5e48b9047d39af86a3fd2542367b569ad3
sha256: 6f7ba49ed7092d7364ac59120601a918a3bbf08ce7c70c9d536e0d73222041a3
sha512: 9a91459aa1517c54ea6a0ba39c26a5395ddbd9394880ce8f49e1ec2f4ad650718c54eab4b9a156422cb523b4224436b8c2d88ad5d306609ce0a8bcf2938d4bae
ssdeep: 3072:QnkRLYlgkBfrvKk1jrLXvYNJOLlDrDxUfSGIf9b6L6VlMixFGI5FpqMBDzsUizts:xL6ZrBrLXeaHDxUadt382FxYIcUuts
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10C74C51663D0F61AE162CAF027654794997EAC3320B4A817F6C52F5973B0E87E632373
sha3_384: 169ec84549549574bc15b96de3ba1e058bb41418cacc1758a0821a80c433b348e07322590ce6a0cfa578b600e2823dfd
ep_bytes: 6824484000e8f0ffffff000000000000
timestamp: 2001-11-29 08:48:14

Version Info:

Translation: 0x0409 0x04b0
ProductName: nSWTNJF
FileVersion: 1.00
ProductVersion: 1.00
InternalName: hOuqyzyc
OriginalFilename: hOuqyzyc.exe

Trojan.VBCryptVMF.S29961223 also known as:

Bkav: W32.AIDetectMalware
AVG: Win32:VB-AANY [Trj]
Elastic: malicious (high confidence)
DrWeb: Worm.Siggen.6785
MicroWorld-eScan: Gen:Variant.Chinky.7
FireEye: Generic.mg.21c7d58cc5be2b1e
CAT-QuickHeal: Trojan.VBCryptVMF.S29961223
Skyhigh: BehavesLike.Win32.VBObfus.fm
ALYac: Gen:Variant.Chinky.7
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.vb
K7GW: EmailWorm ( 0054d10f1 )
K7AntiVirus: EmailWorm ( 0054d10f1 )
BitDefenderTheta: Gen:NN.ZevbaF.36804.um0@aO3W5Eci
VirIT: Trojan.Win32.Zyx.HB
Symantec: W32.Changeup
tehtris: Generic.Malware
ESET-NOD32: Win32/AutoRun.VB.AQP
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Trojan.Vobfus-70360
Kaspersky: Worm.Win32.Vobfus.dgex
BitDefender: Gen:Variant.Chinky.7
NANO-Antivirus: Trojan.Win32.Vobfus.dwtghz
SUPERAntiSpyware: Trojan.Agent/Gen-Vban
Avast: Win32:VB-AANY [Trj]
Tencent: Worm.Win32.Vobfus.n
Sophos: Mal/VBCheMan-J
F-Secure: Trojan.TR/Diple.eewr
Baidu: Win32.Trojan.Inject.n
VIPRE: Gen:Variant.Chinky.7
TrendMicro: WORM_VOBFUS.SMAB
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Chinky.7 (B)
Ikarus: Worm.Win32.Vobfus
Jiangmin: Trojan/Diple.deag
Google: Detected
Avira: TR/Diple.eewr
Antiy-AVL: Worm/Win32.WBNA.gen
Kingsoft: malware.kb.a.1000
Microsoft: Worm:Win32/Vobfus!pz
Xcitium: Worm.Win32.Pronny.AK@4p6cu6
Arcabit: Trojan.Chinky.7
ZoneAlarm: Worm.Win32.Vobfus.dgex
GData: Gen:Variant.Chinky.7
Varist: W32/Vobfus.Z.gen!Eldorado
Acronis: suspicious
McAfee: VBObfus.cm
TACHYON: Trojan/W32.Agent.339968
VBA32: BScope.Trojan.Diple
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: WORM_VOBFUS.SMAB
Rising: Worm.VobfusEx!1.99DB (CLASSIC)
Yandex: Trojan.GenAsa!2+xcl2cdC98
MAX: malware (ai score=81)
Fortinet: W32/Diple.EJQE!tr
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Vobfus.230fea0a

How to remove Trojan.VBCryptVMF.S29961223?

Trojan.VBCryptVMF.S29961223 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
