Win32/AutoRun.VB.VN malicious file

Win32/AutoRun.VB.VN is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/AutoRun.VB.VN virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded pe malware family
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Win32/AutoRun.VB.VN?

File Info:

name: 236804B6AC7DEE921058.mlw
path: /opt/CAPEv2/storage/binaries/91c6736e5d27a09a946bb1f754670977abd4a0180bdafcb30e2ff1a51b2d9dd5
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-10-25 08:01:25

Version Info:

Translation: 0x0409 0x04b0
ProductName: UUGRZ1
FileVersion: 6.51
ProductVersion: 6.51
InternalName: UUGRZ1
OriginalFilename: UUGRZ1.exe

Win32/AutoRun.VB.VN also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKDZ.86337
ClamAV: Win.Trojan.VB-1317
FireEye: Generic.mg.236804b6ac7dee92
CAT-QuickHeal: Worm.VBNA.gen
Skyhigh: BehavesLike.Win32.VBObfus.fm
McAfee: Downloader-CJX.gen.j
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: Trojan ( 001f4fd41 )
K7GW: Trojan ( 001f4fd41 )
Cybereason: malicious.b5a9e9
BitDefenderTheta: Gen:NN.ZevbaF.36744.tm0@aCTJCIhi
VirIT: Trojan.Win32.VBKrypt.UVD
Symantec: W32.Changeup
ESET-NOD32: a variant of Win32/AutoRun.VB.VN
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Worm.Win32.WBNA.ipa
BitDefender: Trojan.GenericKDZ.86337
NANO-Antivirus: Trojan.Win32.WBNA.dwuoev
Avast: Win32:AutoRun-BPR [Wrm]
Tencent: Worm.Win32.Wbna .16000410
Emsisoft: Trojan.GenericKDZ.86337 (B)
Baidu: Win32.Worm.VB.al
F-Secure: Worm:W32/Vobfus.AX
DrWeb: Win32.HLLW.Autoruner.34218
VIPRE: Trojan.GenericKDZ.86337
TrendMicro: WORM_VBNA.SMCE
Trapmine: malicious.high.ml.score
Sophos: Mal/SillyFDC-D
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/VBKrypt.hbyt
Google: Detected
Avira: WORM/Vobfus.bde
MAX: malware (ai score=86)
Antiy-AVL: Worm/Win32.WBNA.gen
Kingsoft: malware.kb.a.1000
Microsoft: Worm:Win32/Vobfus.gen!D
Xcitium: Worm.Win32.Autorun.VV@26y5pr
Arcabit: Trojan.Generic.D15141
ViRobot: Worm.Win32.Vobfus.311296
ZoneAlarm: Worm.Win32.WBNA.ipa
GData: Trojan.GenericKDZ.86337
Varist: W32/Vobfus.K.gen!Eldorado
AhnLab-V3: Trojan/Win32.VBKrypt.R4216
VBA32: Trojan.VBRA.04692
ALYac: Trojan.GenericKDZ.86337
Cylance: unsafe
Panda: W32/Vobfus.FH
TrendMicro-HouseCall: WORM_VBNA.SMCE
Rising: Worm.VobfusEx!1.99EB (CLASSIC)
Yandex: Trojan.GenAsa!pWRgsXNPdr0
Ikarus: Worm.Win32.Vobfus
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/AutoRun.VBB!tr
AVG: Win32:AutoRun-BPR [Wrm]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/AutoRun.VB.VN?

Win32/AutoRun.VB.VN removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
