How to remove “Trojan.VbkryptVMF.S19738950”?

Trojan.VbkryptVMF.S19738950 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.VbkryptVMF.S19738950 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to disable Windows Auto Updates
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Trojan.VbkryptVMF.S19738950?


File Info:

name: 4FF60796B3F2E7D64C66.mlw
path: /opt/CAPEv2/storage/binaries/e6b515d3bf922b725f0a8df39f9e058e90977c619176a58afe79a03a15db42ca
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-03-05 05:33:29

Version Info:

Translation: 0x0409 0x04b0
ProductName: fFauzK
FileVersion: 1.00
ProductVersion: 1.00
InternalName: WPLmfZUx
OriginalFilename: WPLmfZUx.exe

Trojan.VbkryptVMF.S19738950 also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Chinky.7
FireEye: Generic.mg.4ff60796b3f2e7d6
CAT-QuickHeal: Trojan.VbkryptVMF.S19738950
Skyhigh: BehavesLike.Win32.VBObfus.fm
McAfee: Generic VB.kk
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: EmailWorm ( 0054d10f1 )
K7GW: EmailWorm ( 0054d10f1 )
CrowdStrike: win/malicious_confidence_100% (D)
Baidu: Win32.Worm.Autorun.l
VirIT: Trojan.Win32.SHeur4.TAL
Symantec: SMG.Heur!gen
ESET-NOD32: a variant of Win32/AutoRun.VB.ASS
APEX: Malicious
TrendMicro-HouseCall: WORM_VOBFUS.SMIH
ClamAV: Win.Trojan.Changeup-6169544-0
Kaspersky: Trojan.Win32.VBKrypt.kwoo
BitDefender: Gen:Variant.Chinky.7
NANO-Antivirus: Trojan.Win32.VBKrypt.cqkyhe
ViRobot: Trojan.Win32.A.VBKrypt.331776.BR
Avast: Win32:VB-ABOE [Trj]
Tencent: Trojan.Win32.VBKrypt.hm
TACHYON: Trojan/W32.VBKrypt.331776
Sophos: W32/SillyFDC-HI
Google: Detected
F-Secure: Trojan.TR/VB.Agent.aboe.1
DrWeb: Trojan.VbCrypt.81
VIPRE: Gen:Variant.Chinky.7
TrendMicro: WORM_VOBFUS.SMIH
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Chinky.7 (B)
Ikarus: Virus.Win32.Virut
Jiangmin: Trojan/VBKrypt.iarz
Varist: W32/Vobfus.BE.gen!Eldorado
Avira: TR/VB.Agent.aboe.1
Antiy-AVL: Worm/Win32.WBNA.gen
Kingsoft: malware.kb.a.998
Microsoft: Worm:Win32/Vobfus!pz
Xcitium: Worm.Win32.Pronny.AK@4ogvoo
Arcabit: Trojan.Chinky.7
SUPERAntiSpyware: Trojan.Agent/Gen-Vban
ZoneAlarm: Trojan.Win32.VBKrypt.kwoo
GData: Gen:Variant.Chinky.7
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Menti.R20177
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZevbaF.36802.um0@aWckeoei
ALYac: Gen:Variant.Chinky.7
MAX: malware (ai score=83)
VBA32: BScope.Trojan.VB.Onechki
Cylance: unsafe
Panda: W32/Vobfus.GEW.worm
Rising: Worm.VobfusEx!1.99DC (CLASSIC)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/VBKrypt.C!tr
AVG: Win32:VB-ABOE [Trj]
Cybereason: malicious.6b3f2e
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Vobfus.f9dd2bae

How to remove Trojan.VbkryptVMF.S19738950?

Trojan.VbkryptVMF.S19738950 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
