Win32.Virtob.6.Gen (B) (file analysis)

Win32.Virtob.6.Gen (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
6-day free trial available.

What Win32.Virtob.6.Gen (B) virus can do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid
  • Binary file triggered multiple YARA rules
  • Binary compilation timestomping detected
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Win32.Virtob.6.Gen (B)?

File Info:

name: F4DA38C974AD8A26D655.mlw
path: /opt/CAPEv2/storage/binaries/5715850bb69bf4d09632c872f0f2a5121984fb8584ea45b90cfc6ae6075f7f1b
crc32: 8AD01E56
md5: f4da38c974ad8a26d655859805352961
sha1: 0f5548d7eb75ebd2a6c7aa5193e080a506821254
sha256: 5715850bb69bf4d09632c872f0f2a5121984fb8584ea45b90cfc6ae6075f7f1b
sha512: 2691ec8ad7faa3c729d7070592fd46dd132ebcbb620d4eb0b6cbf477d8fa2981508337b9b015258e784b4ddbfce6495e3e0b2ddd4691d9ff3608786551b2fe1e
ssdeep: 1536:g++bwNwqp27GjV3P1Yj4oyzxmgTuiOSlUV13w6:+0NwNFyzx9lOSlax
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AC83AF87FD9624F2E0025078387A63BA9A774C744B2EA057CF10CDDE5C75A18FA76349
sha3_384: e117c4fc3825f2686b6befcf2a42d4f9d1cdb99ef28657d20f3dc8c7407dbe1982ef36c6e969fcaba76c17c6b7670d1d
ep_bytes: fc558bece817000000f5e8b4000000f8
timestamp: 2055-05-25 18:10:40

Version Info:

CompanyName:
FileDescription: server Microsoft 基础类应用程序
FileVersion: 1, 0, 0, 1
InternalName: server
LegalCopyright: 版权所有 (C) 2010
LegalTrademarks:
OriginalFilename: server.EXE
ProductName: server 应用程序
ProductVersion: 1, 0, 0, 1
Translation: 0x0804 0x04b0

Win32.Virtob.6.Gen (B) also known as:

Bkav: W32.Vetor.PE
Elastic: malicious (high confidence)
MicroWorld-eScan: Win32.Virtob.6.Gen
CAT-QuickHeal: W32.Virut.D
Skyhigh: BehavesLike.Win32.Generic.mm
Malwarebytes: Generic.Malware.AI.DDS
Zillya: Virus.Virut.Win32.14
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 00526ea91 )
K7GW: Trojan ( 00526ea91 )
CrowdStrike: win/malicious_confidence_100% (W)
BitDefenderTheta: AI:FileInfector.1E3F74C612
VirIT: Win32.Virut.R
Symantec: W32.Virut.U
tehtris: Generic.Malware
ESET-NOD32: Win32/Virut.BA
APEX: Malicious
TrendMicro-HouseCall: WORM_NITOL.SMB0
ClamAV: Win.Trojan.Virut-182
Kaspersky: Virus.Win32.Virut.q
BitDefender: Win32.Virtob.6.Gen
NANO-Antivirus: Virus.Win32.Virut.jxol
SUPERAntiSpyware: Trojan.Agent/Gen-MSFake
Avast: Win32:GenMalicious-EWM [Trj]
Rising: Virus.Virut!1.A08C (CLASSIC)
Emsisoft: Win32.Virtob.6.Gen (B)
Baidu: Win32.Virus.Virut.i
F-Secure: Malware.W32/Virut.X
DrWeb: Win32.Virut.5
VIPRE: Win32.Virtob.6.Gen
TrendMicro: WORM_NITOL.SMB0
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.f4da38c974ad8a26
Sophos: Troj/Nitol-BG
Jiangmin: Win32/Virut.f
Varist: W32/Agent.OZ.gen!Eldorado
Avira: W32/Virut.X
MAX: malware (ai score=85)
Antiy-AVL: Virus/Win32.Virut.q
Kingsoft: Win32.Virut.ce.57344
Xcitium: Virus.Win32.Virut.n@nu1dk
Arcabit: Win32.Virtob.6.Gen
ViRobot: Win32.Virut.Gen.B
ZoneAlarm: Virus.Win32.Virut.q
GData: Win32.Trojan.PSE.5XGI0A
Cynet: Malicious (score: 100)
AhnLab-V3: Win32/Virut.D
Acronis: suspicious
VBA32: Virus.Virut.07
Google: Detected
TACHYON: Virus/W32.Virut.D
Cylance: unsafe
Panda: W32/Virutas.gen
Zoner: Probably Heur.ExeHeaderL
Tencent: Trojan.Win32.Scar.sgh
Yandex: Trojan.GenAsa!zedJd3HI7dk
Ikarus: Trojan.Nitol
MaxSecure: Trojan.Microfake.ba
Fortinet: W32/Virut.G
AVG: Win32:GenMalicious-EWM [Trj]
DeepInstinct: MALICIOUS
alibabacloud: DDoS:Win/Nitol

How to remove Win32.Virtob.6.Gen (B)?

Win32.Virtob.6.Gen (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
