Malware

Should I remove “Win32:VB-ADKA [Trj]”?

Malware Removal

The Win32:VB-ADKA [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win32:VB-ADKA [Trj] virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded pe malware family
  • Attempts to disable Windows Auto Updates
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Win32:VB-ADKA [Trj]?



File Info:

name: 1EDA6412283A38226453.mlw
path: /opt/CAPEv2/storage/binaries/b404609b18671f215d9a7735cd9e72f7a35db6a3c86733a9e0a6756d061c425e
crc32: 75926409
md5: 1eda6412283a382264535c049cab2555
sha1: 175826a0c05571c992553dcff5b75aa539a1b90e
sha256: b404609b18671f215d9a7735cd9e72f7a35db6a3c86733a9e0a6756d061c425e
sha512: d32f5b9659c1ee681f0284d00024797d62b7133587f6a9e250ea40fa203bf7f16a8131fa31d74e258fb9e7db70b8f6dd03846e4cbf142caa8e00179afe24215a
ssdeep: 6144:tPh1+t9RlyTcbMbgkGq/DrtRo/4COcOu2k5k6WRv7KXqyjEwGE46JxFqDs/e7wMu:FhA7R/5pjEwGE46JxR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17624C61E7251E77DD835DAF8358C539940AD9D32D283A81FEBCAB68972F08674138783
sha3_384: cf72c2ce65e75192c9131c8058b6a490c0c7966a2489fc9840b019565179b25aae0690c61c0c0104781227dc9ed7daf3
ep_bytes: 688c484000e8eeffffff000060000000
timestamp: 2012-06-16 20:54:53


Version Info:

Translation: 0x0409 0x04b0
Comments: Preplant Boggler presupremacy
CompanyName: vigorless
FileDescription: Haemaphysalis isographic
LegalCopyright: Boroglycerine Unorientalness
LegalTrademarks: Lumpkin
ProductName: Hematochezia avidiously
FileVersion: 8.03
ProductVersion: 8.03
InternalName: sqtjzsouinybro
OriginalFilename: sqtjzsouinybro.exe

Win32:VB-ADKA [Trj] also known as:

BkavW32.AIDetectMalware
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.VBInject.11
CAT-QuickHealTrojan.Beebone.D
SkyhighBehavesLike.Win32.VBObfus.dm
McAfeeVBObfus.el
Cylanceunsafe
VIPREGen:Variant.VBInject.11
SangforTrojan.Win32.Save.a
K7AntiVirusEmailWorm ( 0054d10f1 )
K7GWEmailWorm ( 0054d10f1 )
Cybereasonmalicious.2283a3
BaiduWin32.Trojan.VBObfus.f
VirITWorm.Win32.Generic.CDDS
SymantecW32.Changeup
ESET-NOD32a variant of Win32/AutoRun.VB.AQW
APEXMalicious
TrendMicro-HouseCallWORM_VOBFUS.SM01
ClamAVWin.Trojan.Changeup-6169544-0
KasperskyWorm.Win32.Vobfus.erta
BitDefenderGen:Variant.VBInject.11
NANO-AntivirusTrojan.Win32.WBNA.covklp
AvastWin32:VB-ADKA [Trj]
SophosMal/SillyFDC-W
F-SecureTrojan.TR/Dropper.Gen
DrWebTrojan.VbCrypt.60
TrendMicroWORM_VOBFUS.SM01
Trapminemalicious.high.ml.score
FireEyeGeneric.mg.1eda6412283a3822
EmsisoftGen:Variant.VBInject.11 (B)
SentinelOneStatic AI – Malicious PE
MAXmalware (ai score=83)
JiangminTrojan/Vbobf.b
WebrootW32.Worm.Wbna.Gen
GoogleDetected
AviraTR/Dropper.Gen
VaristW32/Vobfus.BE.gen!Eldorado
Antiy-AVLWorm/Win32.WBNA.gen
Kingsoftmalware.kb.a.999
MicrosoftWorm:Win32/Vobfus.FI
XcitiumWorm.Win32.Pronny.AK@4ogvoo
ArcabitTrojan.VBInject.11
ViRobotWorm.Win32.A.WBNA.221184.QW
ZoneAlarmWorm.Win32.Vobfus.erta
GDataGen:Variant.VBInject.11
CynetMalicious (score: 100)
AhnLab-V3Worm/Win32.WBNA.R27996
Acronissuspicious
VBA32Malware-Cryptor.VB.gen
ALYacGen:Variant.VBInject.11
TACHYONWorm/W32.Agent.221184.B
MalwarebytesGeneric.Malware.AI.DDS
PandaW32/Vobfus.GEW.worm
RisingWorm.VobfusEx!1.99DB (CLASSIC)
YandexTrojan.GenAsa!BBUboHjAjQQ
IkarusWorm.Win32.Vobfus
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/VBKrypt.C!tr
BitDefenderThetaGen:NN.ZevbaF.36802.nm0@aSoJCWfi
AVGWin32:VB-ADKA [Trj]
DeepInstinctMALICIOUS
CrowdStrikewin/malicious_confidence_100% (D)

How to remove Win32:VB-ADKA [Trj]?

Win32:VB-ADKA [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment