Worm

Win32.Worm.VB.NNA information

Malware Removal

The Win32.Worm.VB.NNA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Win32.Worm.VB.NNA virus can do?

  • Sample contains Overlay data
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Win32.Worm.VB.NNA?


File Info:

name: A57D8C50F8AA897021FE.mlw
path: /opt/CAPEv2/storage/binaries/89c80f5233b1e3e28819c82f78446077925c7251083814e90427dbb351bc34e5
crc32: 9C171A88
md5: a57d8c50f8aa897021fe6db1d4d719c1
sha1: 374a3e31d0cc224400ec807d9a55cfd24ad644cd
sha256: 89c80f5233b1e3e28819c82f78446077925c7251083814e90427dbb351bc34e5
sha512: e35d19da6b7116e51bd1bbeb90b98ec2cf767afe5629149e0a61498890f88c6ab25f33771eaf1e4e4be647ae2f2122e4f0d22647ebf54633408e5969e06fd4ae
ssdeep: 49152:cKmoG7emVUbWsKmoG7emVUbWpiPDkYOMwwnMb4PmyVjAld:cP7BVUfP7BVUeigYOXwnS4rVjAld
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10EF5D602631340B7D55134B0C45A7B980360AFB83E67E6ABFE54751AFA72BC644373BA
sha3_384: f02614eae2ce275589809af702cbe942fbd30d576fe69c38ff3cc3f5af597425e1546da8a79d55b916bd5119d4d07559
ep_bytes: e8ad0b0000e98cffffffcccccccccc8b
timestamp: 2004-08-04 05:59:09

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Internet Connection Wizard Reminder
FileVersion: 6.00.2900.2180 (xpsp_sp2_rtm.040803-2158)
InternalName: ICWRMIND
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: ICWRMIND.EXE
ProductName: Microsoft® Windows® Operating System
ProductVersion: 6.00.2900.2180
Translation: 0x0409 0x04b0

Win32.Worm.VB.NNA also known as:

BkavW32.AIDetectMalware
LionicVirus.Win32.VB.n!c
tehtrisGeneric.Malware
MicroWorld-eScanWin32.Worm.VB.NNA
ClamAVWin.Worm.Virfire-6814275-0
FireEyeWin32.Worm.VB.NNA
ALYacWin32.Worm.VB.NNA
MalwarebytesGeneric.Malware.AI.DDS
ZillyaTrojan.GenericKD.Win32.154594
SangforWorm.Win32.VB.DiskBinder
K7AntiVirusRiskware ( 0040eff71 )
AlibabaTrojan:Win32/Virut.82c7d157
K7GWRiskware ( 0040eff71 )
CrowdStrikewin/malicious_confidence_70% (W)
BaiduWin32.Trojan.VB.t
CyrenW32/Cerbu.X.gen!Eldorado
SymantecML.Attribute.HighConfidence
Elasticmalicious (high confidence)
ESET-NOD32a variant of Generik.COHEODJ
APEXMalicious
CynetMalicious (score: 100)
KasperskyUDS:Virus.Win32.VB.gh
BitDefenderWin32.Worm.VB.NNA
AvastWin32:Evo-gen [Trj]
TencentMalware.Win32.Gencirc.13c04eaf
EmsisoftWin32.Worm.VB.NNA (B)
F-SecureMalware.W32/VirFire
DrWebWin32.HLLP.Woner
VIPREWin32.Worm.VB.NNA
McAfee-GW-EditionBehavesLike.Win32.RealProtect.wh
SophosMal/Generic-S
IkarusTrojan.SuspectCRC
GDataWin32.Trojan.PSE.1WFDCAS
AviraW32/VirFire
Antiy-AVLWorm/Win32.AutoRun.vx
ArcabitWin32.Worm.VB.NNA
ZoneAlarmUDS:Virus.Win32.VB.gh
MicrosoftTrojan:Win32/Wacatac.B!ml
GoogleDetected
Acronissuspicious
McAfeeArtemis!A57D8C50F8AA
MAXmalware (ai score=80)
Cylanceunsafe
PandaTrj/Chgt.AC
RisingDropper.Agent!1.D2B7 (CLASSIC)
SentinelOneStatic AI – Malicious PE
MaxSecureTrojan.Malware.121218.susgen
FortinetW32/Ipamor.D77B!tr
BitDefenderThetaGen:NN.ZexaF.36350.lp3@aOld3Nki
AVGWin32:Evo-gen [Trj]
Cybereasonmalicious.0f8aa8
DeepInstinctMALICIOUS

How to remove Win32.Worm.VB.NNA?

Win32.Worm.VB.NNA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment