Worm

Win32.Worm.VB.NRV (file analysis)

Malware Removal

The Win32.Worm.VB.NRV is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win32.Worm.VB.NRV virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to determine Win32.Worm.VB.NRV?



File Info:

name: 307FA47D06EA19859CEA.mlw
path: /opt/CAPEv2/storage/binaries/6470fdde4eaa7e21a5ce6a1df76b080c30de7e77fa4c612b9f7092f51248a785
crc32: B753F4F6
md5: 307fa47d06ea19859cea65b661fb2d63
sha1: f9da30508efa5d62ea9c89ca395a98f7f150f10b
sha256: 6470fdde4eaa7e21a5ce6a1df76b080c30de7e77fa4c612b9f7092f51248a785
sha512: e1385c780977e23f40b38e64a45bf2c1c6d232b4cf0b9af4fc95cab4e38e9123e2b7ce71e954c0d5a1fc2bc7ba144c71a5edb6271487a98a194ee72c0e299340
ssdeep: 1536:1hOdtOLkjp6WA8dlOSTX9OX3nnAz9enMgMPpds8wG29xaONF34bFh:gykjp6WpmSsX3nMenMgcs8w/naOfI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B4548791A613E018E078E27D4432920DDC241DF2F911FCBE7A576DF865F118B2AEB19B
sha3_384: bda9ff003ccd8c2ab383ca6afbfbf4563741925d30c1f20a0b572a2024d7497f6e1fc8517265284887a31f44298b1d4d
ep_bytes: 6868714000e8f0ffffff000000000000
timestamp: 1970-01-01 00:00:00


Version Info:

Translation: 0x0409 0x04b0
ProductName: Microsoft® Windows® Operating System
FileVersion: 1.01
ProductVersion: 1.01
InternalName: Payment Document
OriginalFilename: Payment Document.exe

Win32.Worm.VB.NRV also known as:

BkavW32.FamVT.FrizenTQ.Trojan
Elasticmalicious (high confidence)
DrWebBackDoor.Generic.1554
MicroWorld-eScanWin32.Worm.VB.NRV
ClamAVWin.Trojan.Generic-9959068-0
FireEyeGeneric.mg.307fa47d06ea1985
CAT-QuickHealWorm.Flewon.S349523
McAfeeGeneric VB.b
MalwarebytesGeneric.Malware.AI.DDS
ZillyaWorm.VB.Win32.301
SangforSuspicious.Win32.Save.vb
K7AntiVirusTrojan ( 005640b91 )
K7GWTrojan ( 005640b91 )
Cybereasonmalicious.08efa5
BitDefenderThetaGen:NN.ZevbaF.36662.sm3@a8VddRci
VirITI-WORM.VB.G
CyrenW32/A-e5d3faea!Eldorado
SymantecW32.SillyWNSE
tehtrisGeneric.Malware
ESET-NOD32Win32/VB.NKF
APEXMalicious
CynetMalicious (score: 100)
KasperskyTrojan-Spy.Win32.Vkont.ha
BitDefenderWin32.Worm.VB.NRV
NANO-AntivirusTrojan.Win32.Vkont.dzhsri
SUPERAntiSpywareTrojan.Agent/Gen-Lurker
AvastWin32:VB-CMK [Wrm]
TencentTrojan-Spy.Win32.Vkont.za
EmsisoftWin32.Worm.VB.NRV (B)
F-SecureTrojan.TR/Spy.VB.BZ
BaiduWin32.Worm.VB.ji
VIPREWin32.Worm.VB.NRV
TrendMicroWORM_VB.SMI
McAfee-GW-EditionBehavesLike.Win32.VBObfus.dz
Trapminemalicious.moderate.ml.score
SophosW32/VB-CUZ
SentinelOneStatic AI – Malicious PE
GDataWin32.Worm.VB.NRV
JiangminTrojanClicker.Qihai.aq
WebrootTrojanSpy:Win32/Vwealer.KZ
AviraTR/Spy.VB.BZ
MAXmalware (ai score=81)
Antiy-AVLTrojan[Spy]/Win32.Vkont.ha
XcitiumWorm.Win32.Agent.~AAO@7pnc
ArcabitWin32.Worm.VB.NRV
ZoneAlarmTrojan-Spy.Win32.Vkont.ha
MicrosoftTrojanSpy:Win32/Vwealer
GoogleDetected
AhnLab-V3Trojan/Win32.Swisyn.R17855
VBA32Trojan.VBO.0134
ALYacWin32.Worm.VB.NRV
Cylanceunsafe
PandaW32/MadCoffee.C.worm
TrendMicro-HouseCallWORM_VB.SMI
RisingWorm.VBInjectEx!1.99E6 (CLASSIC)
IkarusVirus.Win32.VB
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/VB.CB@mm
AVGWin32:VB-CMK [Wrm]
DeepInstinctMALICIOUS
CrowdStrikewin/malicious_confidence_100% (W)

How to remove Win32.Worm.VB.NRV?

Win32.Worm.VB.NRV removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment