What is “W32/SillyFDC-GS”?

W32/SillyFDC-GS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the W32/SillyFDC-GS virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify W32/SillyFDC-GS?

File Info:

name: F7BCA2F831A3D6BDE199.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-12-23 20:22:55

Version Info:

FileVersion: 1.00
Translation: 0x0409 0x04b0

W32/SillyFDC-GS also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.VBInject.11
ClamAV: Win.Trojan.VB-73731
FireEye: Generic.mg.f7bca2f831a3d6bd
CAT-QuickHeal: Worm.VobfusoVMF.S29651405
ALYac: Gen:Variant.VBInject.11
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: EmailWorm ( 0054d10f1 )
Alibaba: Worm:Win32/Vobfus.82997965
K7GW: EmailWorm ( 0054d10f1 )
Baidu: Win32.Worm.Autorun.l
VirIT: Trojan.Win32.Zyx.SF
Cyren: W32/Vobfus.AA.gen!Eldorado
Symantec: W32.Changeup
Elastic: malicious (high confidence)
ESET-NOD32: Win32/AutoRun.VB.AQE
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Worm.Win32.Vobfus.efnq
BitDefender: Gen:Variant.VBInject.11
NANO-Antivirus: Trojan.Win32.Vobfus.jvuoxs
SUPERAntiSpyware: Trojan.Agent/Gen-Vobfus
Avast: Win32:VB-AALG [Trj]
Tencent: Trojan.Win32.FakeFolder.pid
Emsisoft: Gen:Variant.VBInject.11 (B)
F-Secure: Worm.WORM/Vobfus.ommlb
DrWeb: Trojan.VbCrypt.81
VIPRE: Gen:Variant.VBInject.11
TrendMicro: WORM_VOBFUS.SMJA
McAfee-GW-Edition: BehavesLike.Win32.VBObfus.fm
Sophos: W32/SillyFDC-GS
GData: Gen:Variant.VBInject.11
Jiangmin: Worm.Vobfus.cuba
Webroot: W32.Trojan.Diple.Gen
Avira: WORM/Vobfus.ommlb
MAX: malware (ai score=100)
Antiy-AVL: Worm/Win32.WBNA.gen
Xcitium: TrojWare.Win32.VB.AVA@4paxk7
Arcabit: Trojan.VBInject.11
ViRobot: Trojan.Win32.A.Diple.348160.G
ZoneAlarm: Worm.Win32.Vobfus.efnq
Microsoft: Worm:Win32/Vobfus.gen!O
Google: Detected
AhnLab-V3: Trojan/Win32.Menti.R18663
McAfee: VBObfus.df
TACHYON: Worm/W32.Vobfus.348160
VBA32: Trojan.VBCR.2922
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: WORM_VOBFUS.SMJA
Rising: Worm.VobfusEx!1.99DC (CLASSIC)
Yandex: Trojan.GenAsa!wl2p6TallKM
Ikarus: Worm.Win32.Vobfus
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Diple.EJQE!tr
BitDefenderTheta: Gen:NN.ZevbaF.36250.vm0@a0qlGDmi
AVG: Win32:VB-AALG [Trj]
DeepInstinct: MALICIOUS

How to remove W32/SillyFDC-GS?

W32/SillyFDC-GS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.