VirTool:Win32/VBInject.AGM!bit malicious file

VirTool:Win32/VBInject.AGM!bit is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the VirTool:Win32/VBInject.AGM!bit virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Deletes its original binary from disk
  • Steals private information from local Internet browsers
  • Exhibits behavior characteristic of Pony malware
  • Exhibits possible ransomware file modification behavior
  • Collects information about installed applications
  • Creates a hidden or system file
  • Harvests credentials from local FTP client software
  • Anomalous binary characteristics

How to identify VirTool:Win32/VBInject.AGM!bit?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
InternalName: Prestandard
FileVersion: 1.00
CompanyName: ~
ProductName: Anargyros
ProductVersion: 1.00
OriginalFilename: Prestandard.exe

VirTool:Win32/VBInject.AGM!bit also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0055e3991 )
Cynet: Malicious (score: 100)
ALYac: Gen:Heur.PonyStealer.im0@cm6yUdji
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.385015
Sangfor: Infostealer.Win32.Fareit.bvxe
CrowdStrike: win/malicious_confidence_90% (D)
Alibaba: TrojanPSW:Win32/Fareit.397dff83
K7GW: Trojan ( 0055e3991 )
Cybereason: malicious.007b78
Cyren: W32/Trojan.MJ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.CZCC
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-PSW.Win32.Fareit.bvxe
BitDefender: Gen:Heur.PonyStealer.im0@cm6yUdji
NANO-Antivirus: Trojan.Win32.CZCC.edcvew
MicroWorld-eScan: Gen:Heur.PonyStealer.im0@cm6yUdji
Tencent: Win32.Trojan-qqpass.Qqrob.Ecan
Ad-Aware: Gen:Heur.PonyStealer.im0@cm6yUdji
Sophos: ML/PE-A + Mal/FareitVB-F
Comodo: Malware@#20uhgmcp7fy8o
BitDefenderTheta: Gen:NN.ZevbaF.34294.im0@am6yUdji
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_HPVB.SM12
McAfee-GW-Edition: PWSZbot-ART
FireEye: Generic.mg.85c5b19007b785f3
Emsisoft: Gen:Heur.PonyStealer.im0@cm6yUdji (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.PSW.Fareit.eaf
Webroot: W32.Injector.Gen
Avira: HEUR/AGEN.1121350
eGambit: Generic.Dropper
Antiy-AVL: Trojan/Generic.ASMalwS.18E2630
Kingsoft: Win32.PSWTroj.Fareit.bv.(kcloud)
Microsoft: VirTool:Win32/VBInject.AGM!bit
SUPERAntiSpyware: Trojan.Agent/Gen-VB
GData: Gen:Heur.PonyStealer.im0@cm6yUdji
AhnLab-V3: Win-Trojan/VBKrypt.RP.X1764
McAfee: PWSZbot-ART
MAX: malware (ai score=100)
VBA32: TrojanPSW.Fareit
Malwarebytes: MachineLearning/Anomalous.100%
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_HPVB.SM12
Yandex: Trojan.PWS.Fareit!ljbFahIciA4
Ikarus: Trojan.Win32.Injector
Fortinet: W32/Injector.CZOJ!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove VirTool:Win32/VBInject.AGM!bit?

VirTool:Win32/VBInject.AGM!bit removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
