Virus:Win32/Grenam.B (file analysis)

Virus:Win32/Grenam.B is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Virus:Win32/Grenam.B virus do?

  • Creates RWX memory
  • Reads data out of its own binary image
  • Checks for the presence of known windows from debuggers and forensic tools
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Creates a slightly modified copy of itself

How to identify Virus:Win32/Grenam.B?

File Info:

crc32: 493F5006
md5: a216c9166621ba9a9f598b517fab1b38
name: loader.exe
sha1: f2835994acb945a3c545c3fa36c6b46d726038f6
sha256: b167771841c5710f903fd343aeedfac481665cd38aa0bc92f162e4a5755cb96b
sha512: 7b756d2ac63e442cbe1258ef6cffea37861a8594447852e2923d0f54b6fcd116bf1e95b2a127ac09a435450b6846c552e4bb5dcc66d24b1669edd4445e56edae
ssdeep: 12288:3wCBtLC+EptUpQ9SeSChq3YvxFBSSRMT8PTp4ihozEG888888888888W8888888J:jNzCtUpQ9WWPBSSRMTEpXN0
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Virus:Win32/Grenam.B also known as:

MicroWorld-eScan: Win32.Grenam.V
CMC: Virus.Win32.Renamer!O
CAT-QuickHeal: W32.Grenam.A13
McAfee: W32/Tainp.a
Cylance: Unsafe
Zillya: Worm.AutoRun.Win32.118715
Sangfor: Malware
CrowdStrike: win/malicious_confidence_100% (W)
BitDefender: Win32.Grenam.V
K7GW: Virus ( 0040f9341 )
K7AntiVirus: Virus ( 0040f9341 )
Arcabit: Win32.Grenam.V
Invincea: heuristic
Baidu: Win32.Worm.AutoRun.bu
Cyren: W32/Autorun.YQXC-6672
Symantec: W32.Tapin
ESET-NOD32: Win32/AutoRun.Delf.LV
APEX: Malicious
Avast: Win32:AutoRun-CWJ [Trj]
ClamAV: Win.Virus.Tainp-1
Kaspersky: Virus.Win32.Renamer.j
Alibaba: Virus:Win32/Renamer.7825c74a
NANO-Antivirus: Virus.Win32.Renamer.lxyhd
ViRobot: Win32.Renamer.B
Rising: Trojan.Win32.StealIcon!1.6A68 (CLOUD)
Ad-Aware: Win32.Grenam.V
Emsisoft: Win32.Grenam.V (B)
Comodo: TrojWare.Win32.Spy.E@4pfq97
F-Secure: Trojan.TR/AD.Grenam.unvzb
DrWeb: Trojan.DownLoad4.10434
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: WORM_RENAMER.AD
McAfee-GW-Edition: BehavesLike.Win32.Tainp.ch
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.a216c9166621ba9a
Sophos: W32/Renamer-M
Ikarus: Virus.Win32.Renamer
F-Prot: W32/Autorun.ZF
Jiangmin: Trojan/Genome.axcm
Webroot: W32.Rogue.Gen
Avira: TR/AD.Grenam.unvzb
Fortinet: W32/AutoRun.SOT!tr
Antiy-AVL: Virus/Win32.Renamer.j
Endgame: malicious (high confidence)
Microsoft: Virus:Win32/Grenam.B
ZoneAlarm: Virus.Win32.Renamer.j
TACHYON: Worm/W32.DP-Renamer.844288
AhnLab-V3: Win32/Unruy.H.X1603
Acronis: suspicious
VBA32: Virus.Renamer.13219
ALYac: Win32.Grenam.V
MAX: malware (ai score=100)
Panda: W32/Renamer.I
Zoner: Trojan.Win32.66255
TrendMicro-HouseCall: WORM_RENAMER.AD
Tencent: Virus.Win32.Renamer.b
SentinelOne: DFI – Suspicious PE
eGambit: Unsafe.AI_Score_90%
GData: Win32.Grenam.V
BitDefenderTheta: AI:Packer.AA0AA6D218
AVG: Win32:AutoRun-CWJ [Trj]
Cybereason: malicious.66621b
Paloalto: generic.ml
Qihoo-360: Win32/Virus.Renamer.B

How to remove Virus:Win32/Grenam.B?

Virus:Win32/Grenam.B removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
