VirTool:Win32/Vbcrypt.P information

VirTool:Win32/Vbcrypt.P is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the VirTool:Win32/Vbcrypt.P virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Creates a copy of itself

How to identify VirTool:Win32/Vbcrypt.P?


File Info:

name: F008702A2D51882A1E93.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2009-04-10 20:22:16

Version Info:

Translation: 0x0409 0x04b0
ProductName: bone
FileVersion: 2.01.0004
ProductVersion: 2.01.0004
InternalName: 2
OriginalFilename: 2.exe

VirTool:Win32/Vbcrypt.P also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.VB.kYPn
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Trojan.Heur.Dropper.im3@ai!ejFik
ClamAV: Win.Trojan.VB-8852
FireEye: Generic.mg.f008702a2d51882a
ALYac: Gen:Trojan.Heur.Dropper.im3@ai!ejFik
Cylance: Unsafe
Zillya: Trojan.VB.Win32.13700
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: Trojan ( 00038d7e1 )
Alibaba: TrojanSpy:Win32/Vbcrypt.d1a22f80
K7GW: Trojan ( 00038d7e1 )
Cybereason: malicious.a2d518
Cyren: W32/VBcrypt.A.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Cryptoz
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Spy.Win32.Zbot.qjso
BitDefender: Gen:Trojan.Heur.Dropper.im3@ai!ejFik
NANO-Antivirus: Trojan.Win32.VB.wrhu
Avast: Win32:VB-LWD [Trj]
Tencent: Malware.Win32.Gencirc.10b5922f
Ad-Aware: Gen:Trojan.Heur.Dropper.im3@ai!ejFik
Sophos: ML/PE-A + Mal/VB-Z
Comodo: TrojWare.Win32.VB.KLM@4xatot
DrWeb: Trojan.VbCrypt.250
VIPRE: Gen:Trojan.Heur.Dropper.im3@ai!ejFik
TrendMicro: TROJ_VB.KFE
McAfee-GW-Edition: Generic VB.z
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Trojan.Heur.Dropper.im3@ai!ejFik (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Trojan.Heur.Dropper.im3@ai!ejFik
Avira: TR/Dropper.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.1F
Kingsoft: Win32.Troj.Zbot.qj.(kcloud)
Arcabit: Trojan.Heur.Dropper.E968F3
Microsoft: VirTool:Win32/Vbcrypt.P
Google: Detected
AhnLab-V3: Worm/Win32.VBNA.R1868
Acronis: suspicious
McAfee: Generic VB.z
VBA32: Trojan.VB.Pedro
TrendMicro-HouseCall: TROJ_VB.KFE
Rising: HackTool.Vbcrypt!8.6B0 (TFE:3:JWRyKRTjiaQ)
Yandex: Trojan.GenAsa!uARcNExOdbY
Ikarus: Backdoor.Win32.Ruskill
Fortinet: W32/VBInjector.fam!tr
BitDefenderTheta: AI:Packer.F94CE62424
AVG: Win32:VB-LWD [Trj]
Panda: Adware/AccesMembre
CrowdStrike: win/malicious_confidence_100% (W)

How to remove VirTool:Win32/Vbcrypt.P?

VirTool:Win32/Vbcrypt.P removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
