How to remove “W32.Mabezat.Dr”?

W32.Mabezat.Dr is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
6-day free trial available.

What can the W32.Mabezat.Dr virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Catalan
  • Creates an autorun.inf file
  • Authenticode signature is invalid
  • Likely virus infection of existing system binary
  • Attempts to modify Explorer settings to prevent file extensions from being displayed
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify W32.Mabezat.Dr?


File Info:

name: B7EDA25BD29F9DE15CE2.mlw
path: /opt/CAPEv2/storage/binaries/b22e0b26e529f1aed7cbac5c0d18549cd0b89e4ffa6ffc5f46a4e07e08191d9a
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2007-10-29 06:17:05

Version Info:

0: [No Data]

W32.Mabezat.Dr is also known as:

Bkav: W32.Pharoh.Worm
MicroWorld-eScan: Win32.Worm.Mabezat.S
FireEye: Generic.mg.b7eda25bd29f9de1
CAT-QuickHeal: W32.Mabezat.Dr
McAfee: W32/Mabezat
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Virus ( 000ad08b1 )
BitDefender: Win32.Worm.Mabezat.S
K7GW: Virus ( 000ad08b1 )
CrowdStrike: win/malicious_confidence_100% (D)
Baidu: Win32.Worm.Mabezat.b
VirIT: Worm.Win32.Mabezat.A
Cyren: W32/Mabezat.FRWO-1177
Symantec: W32.Mabezat.B
Elastic: malicious (high confidence)
ESET-NOD32: Win32/Mabezat.A
APEX: Malicious
ClamAV: Win.Trojan.Mabezat-1
Kaspersky: Worm.Win32.Mabezat.b
NANO-Antivirus: Virus.Win32.Mabezat.kfroy
ViRobot: Worm.Win32.Mabezat.154751
Rising: Worm.Mabezat!1.995D (RDMK:cmRtazqVRBl4RI5ZASbNf74E30WY)
Ad-Aware: Win32.Worm.Mabezat.S
TACHYON: Worm/W32.Mabezat
Emsisoft: Win32.Worm.Mabezat.S (B)
Comodo: Worm.Win32.Mabezat.b@14k3c8
DrWeb: Win32.HLLW.Tazebama
Zillya: Worm.MabezatGen.Win32.3
TrendMicro: PE_MABEZAT.B-O
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.cc
Sophos: ML/PE-A + W32/Mabezat-B
Ikarus: Worm.Win32.Mabezat
GData: Win32.Worm.Mabezat.S
Jiangmin: Trojan/Mabezat.g
Avira: WORM/Mabezat.b
Antiy-AVL: Trojan/Generic.ASVirus.28
Arcabit: Win32.Worm.Mabezat.S
SUPERAntiSpyware: Trojan.Agent/Gen-Worm
ZoneAlarm: Trojan.Win32.Yakes.pvii
Microsoft: Virus:Win32/Mabezat.B
Cynet: Malicious (score: 100)
AhnLab-V3: Win32/Mabezat
VBA32: Trojan.Win32.Mabezat.a
ALYac: Win32.Worm.Mabezat.S
MAX: malware (ai score=89)
Malwarebytes: Sality.Virus.FileInfector.DDS
Panda: W32/Mabezat.C.worm
TrendMicro-HouseCall: PE_MABEZAT.B-O
Tencent: Trojan.Win32.Mabezat.a
Yandex: Trojan.GenAsa!0z4t/44RHDE
SentinelOne: Static AI – Malicious PE
MaxSecure: Virus.Mabezat.B
Fortinet: W32/Mabezat.B!worm
BitDefenderTheta: AI:FileInfector.72161D3514
AVG: Win32:Crypt-KUG [Trj]
Cybereason: malicious.bd29f9
Avast: Win32:Crypt-KUG [Trj]

How to remove W32.Mabezat.Dr?

W32.Mabezat.Dr removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
