Trojan:Win32/Barys.GMA!MTB malicious file

Trojan:Win32/Barys.GMA!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/Barys.GMA!MTB virus do?

  • Sample contains overlay data
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid

How to identify Trojan:Win32/Barys.GMA!MTB?

File Info:

name: BD31C25D1488E6051925.mlw
path: /opt/CAPEv2/storage/binaries/ab622cbe5192de06b0cab01e2abfbac9774ad59e2d0da8850edc65256ff509e7
crc32: 2576C23C
md5: bd31c25d1488e60519254fb009d02ac7
sha1: cc099ead7888050d12a0283da55c522a04e73596
sha256: ab622cbe5192de06b0cab01e2abfbac9774ad59e2d0da8850edc65256ff509e7
sha512: 67118c3ff51e0edecc6d9b386fa1abcdf18b68b5d2da4b05d9897e5724024d2fd1bf528a246acc8a00de181610e48ed35e3d66f3bfb6d08670bca2681333629b
ssdeep: 6144:BXf/YFdySDvdUtCC23o8PiZV+95e4yp91C53BDu0W7cyqCxSngmMBqfycuPbUl0s:RiDvQ23q3tvp/C53p80npM4dl0s
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C564BF4AF26D5F31F53A30BB01AAB307B9B79C766525A09E0C59E74EFBE1E321187101
sha3_384: caf5914c8b0dda1b4bae5e81013dd6c63ed9f62dd532e48901b617a0401fba5e2b2fa0d6fb4aa73405c704264ceae091
ep_bytes: 442ae3d71473575011a26ec1d3e1067b
timestamp: 1976-11-05 00:00:00

Version Info:

CompanyName: Wayne J. Radburn
FileDescription: PE/COFF File Viewer
FileVersion: 0.9.9.0
InternalName: PEview
LegalCopyright: Copyright© 1997-2011 Wayne J. Radburn
OriginalFilename: PEview.exe
ProductName: PEview
ProductVersion: 0.9.9.0
Translation: 0x0409 0x04e4

Trojan:Win32/Barys.GMA!MTB is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: DeepScan:Generic.Dacic.8952383F.A.F077FF87
Skyhigh: BehavesLike.Win32.Picsys.fc
McAfee: Trojan-FVOQ!BD31C25D1488
Cylance: unsafe
Zillya: Trojan.Kryptik.Win32.3766585
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0001b3411 )
K7GW: Trojan ( 0001b3411 )
Cybereason: malicious.d78880
Arcabit: DeepScan:Generic.Dacic.8952383F.A.F077FF87
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Kryptik.HHBK
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packed.Razy-9794901-0
Kaspersky: VHO:Trojan.Win32.Copak.gen
BitDefender: DeepScan:Generic.Dacic.8952383F.A.F077FF87
NANO-Antivirus: Trojan.Win32.PackedENT.ficuob
Avast: Win32:Evo-gen [Trj]
Tencent: Trojan.Win32.Kryptik.gify
Emsisoft: DeepScan:Generic.Dacic.8952383F.A.F077FF87 (B)
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.PackedENT.192
VIPRE: DeepScan:Generic.Dacic.8952383F.A.F077FF87
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.bd31c25d1488e605
Sophos: Mal/Inject-GJ
Ikarus: Trojan.Patched
Jiangmin: Trojan.Generic.gvapt
Webroot: W32.Trojan.Gen
Varist: W32/Dacic.E.gen!Eldorado
Avira: TR/Dropper.Gen
MAX: malware (ai score=88)
Antiy-AVL: GrayWare/Win32.Kryptik.gifq
Kingsoft: malware.kb.a.1000
Xcitium: TrojWare.Win32.Kryptik.TLS@812zm8
Microsoft: Trojan:Win32/Barys.GMA!MTB
ZoneAlarm: VHO:Trojan.Win32.Copak.gen
GData: Win32.Trojan.PSE.109W4IM
Google: Detected
AhnLab-V3: Trojan/Win.FVOQ.R628622
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.36608.u83@aS09i7l
ALYac: DeepScan:Generic.Dacic.8952383F.A.F077FF87
TACHYON: Trojan/W32.Selfmod
VBA32: Trojan.Khalesi
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
Rising: Trojan.Kryptik!1.B34D (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Kryptik.GIFQ!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Trojan:Win32/Barys.GMA!MTB?

Trojan:Win32/Barys.GMA!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.