Win32:VB-ACAJ [Trj] malicious file

The Win32:VB-ACAJ [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32:VB-ACAJ [Trj] virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to disable Windows Auto Updates
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Win32:VB-ACAJ [Trj]?

File Info:

name: 76D0A654966D5ABEED99.mlw
path: /opt/CAPEv2/storage/binaries/75948f76d3d9925dd9d77ddd47349d2094ffed63e0f3c9f3dbf0efd05ef54181
crc32: E9C402E4
md5: 76d0a654966d5abeed9957f794a1049b
sha1: 45d4a172ea5034b89d5fc53e18ac460d4a01f4a7
sha256: 75948f76d3d9925dd9d77ddd47349d2094ffed63e0f3c9f3dbf0efd05ef54181
sha512: a77332c27b68a2bc6b78f018401bdc2b29481129185fc334526c51559cca6f453c6e9dae72f1fd8d238636121522f6828750d6e2868373332749ac886cfcf050
ssdeep: 6144:yM+g4Psq8gFV91GGGLVTmrshXj0MQH1DUhu1GJu+DODryKnKxO:5+UgFV6Hm1JKxO
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T100643016AD10A03BE64698F1291983AA291D1E776380FC0BF385BB9870751E7F6F171F
sha3_384: 5376eacfb7945ec075adbbcad2c16b584462a0d5fe50ad9709c97801cec3580ef216f51748e11e622af02d3b51d56dd7
ep_bytes: 68dc4b4000e8f0ffffff000048000000
timestamp: 2012-03-29 20:56:00

Version Info:

ProductName: 87
FileVersion: 67.00
ProductVersion: 188.00
InternalName: 445
OriginalFilename: 98
Translation: 0x0409 0x04b0

Win32:VB-ACAJ [Trj] also known as:

Bkav: W32.AIDetectMalware
Lionic: Worm.Win32.WBNA.lw12
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Barys.950
ClamAV: Win.Trojan.Vobfus-8
FireEye: Generic.mg.76d0a654966d5abe
CAT-QuickHeal: Trojan.Beebone.D
McAfee: VBObfus.dv
Cylance: unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: EmailWorm ( 0054d10f1 )
Alibaba: Worm:Win32/vobfus.5ae7
K7GW: EmailWorm ( 0054d10f1 )
CrowdStrike: win/malicious_confidence_100% (W)
Baidu: Win32.Trojan.VBObfus.f
VirIT: Trojan.Win32.SHeur4.WOC
Cyren: W32/Vobfus.BE.gen!Eldorado
Symantec: W32.Changeup
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/AutoRun.VB.AUA
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Worm.Win32.Vobfus.dffg
BitDefender: Gen:Variant.Barys.950
NANO-Antivirus: Trojan.Win32.VB.rilrg
SUPERAntiSpyware: Trojan.Agent/Gen-Vobfus
Avast: Win32:VB-ACAJ [Trj]
Tencent: Worm.Win32.Vobfus.n
TACHYON: Trojan/W32.VB-Agent.323584.AA
Sophos: Mal/SillyFDC-W
F-Secure: Trojan.TR/Otran.A.7622
DrWeb: Trojan.VbCrypt.60
VIPRE: Gen:Variant.Barys.950
TrendMicro: WORM_VOBFUS.SMJA
McAfee-GW-Edition: BehavesLike.Win32.VBObfus.fm
Trapmine: malicious.moderate.ml.score
Emsisoft: Gen:Variant.Barys.950 (B)
Ikarus: Win32.Outbreak
GData: Win32.Trojan.VB.ABW
Jiangmin: Trojan/Vbobf.b
Avira: TR/Otran.A.7622
Antiy-AVL: Worm/Win32.WBNA.gen
Xcitium: TrojWare.Win32.VB.AVA@4paxk7
Arcabit: Trojan.Barys.950
ViRobot: Trojan.Win32.A.VB.323584.C
ZoneAlarm: Worm.Win32.Vobfus.dffg
Microsoft: Worm:Win32/Vobfus.gen!X
Google: Detected
AhnLab-V3: HEUR/Fakon.mwf.X1381
VBA32: TScope.Trojan.VB
ALYac: Gen:Variant.Barys.950
MAX: malware (ai score=89)
Malwarebytes: Malware.AI.3346315863
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: WORM_VOBFUS.SMJA
Rising: Trojan.VBEx!1.99EE (CLASSIC)
Yandex: Trojan.GenAsa!E+i3NUt6r10
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/VBKrypt.C!tr
BitDefenderTheta: Gen:NN.ZevbaF.36250.tm0@aauLgrgi
AVG: Win32:VB-ACAJ [Trj]
DeepInstinct: MALICIOUS

How to remove Win32:VB-ACAJ [Trj]?

Win32:VB-ACAJ [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.