Trojan.Win32.VBKryjetor.bbyb removal

Trojan.Win32.VBKryjetor.bbyb is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.VBKryjetor.bbyb virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded win api malware family
  • Creates known Remcos directories and/or files
  • Creates known Remcos mutexes
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Win32.VBKryjetor.bbyb?


File Info:

name: 87BC9F4650440D6D7E38.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-10-19 09:56:42

Version Info:

Translation: 0x0409 0x04b0
Comments: INTevation GmbH
FileDescription: INTevation GmbH
LegalCopyright: INTevation GmbH
LegalTrademarks: INTevation GmbH
ProductName: INTevation GmbH
FileVersion: 1.00
ProductVersion: 1.00
InternalName: syntheticism
OriginalFilename: syntheticism.exe

Trojan.Win32.VBKryjetor.bbyb also known as:

MicroWorld-eScan: Gen:Heur.PonyStealer.1m0@dG7inAci
FireEye: Generic.mg.87bc9f4650440d6d
Cylance: unsafe
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: Trojan ( 005483b31 )
Alibaba: Backdoor:Win32/VBKryjetor.548c1ab9
K7GW: Trojan ( 005483b31 )
Cybereason: malicious.650440
BitDefenderTheta: Gen:NN.ZevbaF.36802.1m0@aG7inAci
VirIT: Trojan.Win32.Dropper.CCT
Symantec: Trojan.Gen.MBT
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.EBGX
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.VBKryjetor.bbyb
BitDefender: Gen:Heur.PonyStealer.1m0@dG7inAci
NANO-Antivirus: Trojan.Win32.Mlw.fjjclr
Tencent: Malware.Win32.Gencirc.10b132c2
TACHYON: Trojan/W32.VB-VBKryjetor.876544.C
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.PWS.Siggen2.8271
VIPRE: Gen:Heur.PonyStealer.1m0@dG7inAci
TrendMicro: TrojanSpy.Win32.LOKI.SM.hp
Trapmine: suspicious.low.ml.score
Sophos: Troj/Agent-BBHK
Ikarus: Trojan.Win32.Injector
Jiangmin: Trojan.VBKryjetor.isy
Varist: W32/Injector.OV.gen!Eldorado
Avira: TR/Dropper.Gen
Antiy-AVL: Trojan/Win32.VBKryjetor
Xcitium: TrojWare.Win32.Injector.EAZP@8fi00j
Arcabit: Trojan.PonyStealer.EFEC3F
ZoneAlarm: Trojan.Win32.VBKryjetor.bbyb
Google: Detected
AhnLab-V3: Win-Trojan/VBKrypt.RP08.X1976
VBA32: Trojan.VBKryjetor
MAX: malware (ai score=81)
DeepInstinct: MALICIOUS
Malwarebytes: Generic.Malware.AI.DDS
TrendMicro-HouseCall: TrojanSpy.Win32.LOKI.SM.hp
Rising: Trojan.Injector!1.B459 (CLASSIC)
Yandex: Trojan.GenAsa!SQIrhoxRIC0
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Injector.EAZP!tr
CrowdStrike: win/malicious_confidence_100% (W)
alibabacloud: Trojan.Win.UnkAgent

How to remove Trojan.Win32.VBKryjetor.bbyb?

Trojan.Win32.VBKryjetor.bbyb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
