Win32:AutoRun-BZE [Wrm] information

Many security experts consider Win32:AutoRun-BZE [Wrm] dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:AutoRun-BZE [Wrm] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Win32:AutoRun-BZE [Wrm]?


File Info:

name: 10E8AE8996ACE0ECDB26.mlw
path: /opt/CAPEv2/storage/binaries/7f838fa861eb30b35eb97d06bde5d02b14e7407d85aa27e0b615bd5592fc826b
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-04-02 05:32:38

Version Info:

Translation: 0x0409 0x04b0
ProductName: GMiKCYwjMaMyfbLRfWaGYru
FileVersion: 1.00
ProductVersion: 1.00
InternalName: xhNiAgJA
OriginalFilename: xhNiAgJA.exe

Win32:AutoRun-BZE [Wrm] also known as:

Bkav: W32.AIDetectMalware
Lionic: Worm.Win32.WBNA.luev
MicroWorld-eScan: Gen:Variant.VBKrypt.55
FireEye: Generic.mg.10e8ae8996ace0ec
CAT-QuickHeal: Trojan.Vobfus.gen
Skyhigh: BehavesLike.Win32.VBObfus.dm
McAfee: VBObfus.n
Cylance: unsafe
VIPRE: Gen:Variant.VBKrypt.55
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: EmailWorm ( 0054d10f1 )
Alibaba: Malware:Win32/km_2ffa9.None
K7GW: EmailWorm ( 0054d10f1 )
Cybereason: malicious.996ace
Baidu: Win32.Worm.Autorun.l
VirIT: Trojan.Win32.Generic.AVHY
Symantec: W32.Changeup!gen10
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/AutoRun.VB.ADF
APEX: Malicious
TrendMicro-HouseCall: WORM_VOBFUS.SMKV
ClamAV: Win.Trojan.Changeup-6169544-0
Kaspersky: Worm.Win32.Vobfus.djrt
BitDefender: Gen:Variant.VBKrypt.55
NANO-Antivirus: Trojan.Win32.Vobfus.dwumkq
Avast: Win32:AutoRun-BZE [Wrm]
TACHYON: Worm/W32.Vobfus.233472.D
Emsisoft: Gen:Variant.VBKrypt.55 (B)
F-Secure: Trojan:W32/Injector.F
DrWeb: Trojan.VbCrypt.60
TrendMicro: WORM_VOBFUS.SMKV
Trapmine: suspicious.low.ml.score
Sophos: Mal/SillyFDC-N
SentinelOne: Static AI – Malicious PE
Google: Detected
Avira: TR/Dropper.Gen
Varist: W32/Vobfus.P.gen!Eldorado
Antiy-AVL: Worm/Win32.WBNA.gen
Kingsoft: Win32.Worm.Vobfus.djrt
Microsoft: Worm:Win32/Vobfus!pz
Xcitium: TrojWare.Win32.VBKrypt.A@50s21w
Arcabit: Trojan.VBKrypt.55
ViRobot: Trojan.Win32.A.VBKrypt.233472.CD
ZoneAlarm: Worm.Win32.Vobfus.djrt
GData: Gen:Variant.VBKrypt.55
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Tdss.R7739
Acronis: suspicious
BitDefenderTheta: AI:Packer.07F6943421
ALYac: Gen:Variant.VBKrypt.55
MAX: malware (ai score=81)
VBA32: Trojan.VB.Nop.vc
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
Rising: Worm.Win32.VBCode.br (CLASSIC)
Yandex: Trojan.GenAsa!WBnR5qBAzCU
Ikarus: Worm.Win32.Vobfus
Fortinet: W32/VB.ADV!tr
AVG: Win32:AutoRun-BZE [Wrm]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)
alibabacloud: Trojan.Win.UnkAgent

How to remove Win32:AutoRun-BZE [Wrm]?

Win32:AutoRun-BZE [Wrm] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
