Malware

Win32:VB-AEMG [Trj] information

Malware Removal

The Win32:VB-AEMG [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Win32:VB-AEMG [Trj] virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to disable Windows Auto Updates
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to determine Win32:VB-AEMG [Trj]?



File Info:

name: 84F35709459093D50520.mlw
path: /opt/CAPEv2/storage/binaries/9e95cb47c4eacf2855572c5d5a4685296504bbcb4df9c74da07bf01493dffbd6
crc32: 616D8988
md5: 84f35709459093d50520c67a42a5eafe
sha1: 18c05d344763373421b554161cb73c6f2cceb41d
sha256: 9e95cb47c4eacf2855572c5d5a4685296504bbcb4df9c74da07bf01493dffbd6
sha512: 1b2270da3e2cb42a0b680a61ca34cbaf3e075bc6b5d64209aacd530cab3c48fdf3a26285cb3b5b85f27eaeccb7ec867cbab97b6c325da03695b6b105b39c2238
ssdeep: 1536:6mS5c/7Qxp4BNRXAEwqScgDz0Bg2PDXJRde/S9FMYVwt+QaMcoXjLl0Gi:Vm4zDfDXJVa+vo3mGi
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D6A3D67FBB068096D644A57033E6C3E616BB785B6B0B514B6748377B18A3F101D2CEA3
sha3_384: 080f747eeefce3131c893835f815742eb648649c5fd9304426d5f7e2bcb2a96537524399826188ec1824b6520b5d3dd0
ep_bytes: 68b4124000e8eeffffff000000000000
timestamp: 2012-09-15 19:48:43


Version Info:

Translation: 0x0409 0x04b0
ProductName: Dematerialize
FileVersion: 7.33
ProductVersion: 7.33
InternalName: Traverso
OriginalFilename: Traverso.exe

Win32:VB-AEMG [Trj] also known as:

BkavW32.AIDetectMalware
LionicTrojan.Win32.Jorik.lC9L
tehtrisGeneric.Malware
MicroWorld-eScanGen:Variant.Barys.2644
ClamAVWin.Trojan.Vobfus-16
FireEyeGeneric.mg.84f35709459093d5
CAT-QuickHealTrojan.Beebone.D
McAfeeGenDownloader.rv
Cylanceunsafe
SangforSuspicious.Win32.Save.a
CrowdStrikewin/malicious_confidence_100% (W)
AlibabaWorm:Win32/vobfus.1030
K7GWEmailWorm ( 0054d10f1 )
K7AntiVirusEmailWorm ( 0054d10f1 )
BitDefenderThetaGen:NN.ZevbaF.36250.gm0@am08iGki
VirITTrojan.Win32.Zyx.NX
CyrenW32/VB.HE.gen!Eldorado
SymantecW32.Changeup!gen20
Elasticmalicious (high confidence)
ESET-NOD32Win32/Pronny.EC
APEXMalicious
CynetMalicious (score: 100)
KasperskyTrojan.Win32.Vobfus.mab
BitDefenderGen:Variant.Barys.2644
NANO-AntivirusTrojan.Win32.Vobfus.cihuhb
SUPERAntiSpywareTrojan.Agent/Gen-Vobfus
AvastWin32:VB-AEMG [Trj]
TencentTrojan.Win32.Vobfus.hb
TACHYONTrojan/W32.Vobfus.102400.B
SophosMal/SillyFDC-Y
BaiduWin32.Worm.Pronny.fs
F-SecureTrojan.TR/Dropper.Gen
DrWebWin32.HLLW.Autoruner1.26095
VIPREGen:Variant.Barys.2644
TrendMicroWORM_VOBFUS.SM02
McAfee-GW-EditionBehavesLike.Win32.VBObfus.cm
Trapminemalicious.high.ml.score
EmsisoftGen:Variant.Barys.2644 (B)
SentinelOneStatic AI – Malicious PE
GDataGen:Variant.Barys.2644
JiangminTrojan/Vbobf.b
AviraTR/Dropper.Gen
Antiy-AVLWorm/Win32.WBNA.gen
XcitiumTrojWare.Win32.Pronny.EB@4qtzpj
ArcabitTrojan.Barys.DA54
ZoneAlarmTrojan.Win32.Vobfus.mab
MicrosoftWorm:Win32/Vobfus.HW
GoogleDetected
AhnLab-V3Trojan/Win32.Menti.R36560
VBA32SScope.Malware-Cryptor.VBCR.3042
MAXmalware (ai score=85)
MalwarebytesPronny.Worm.Spreader.DDS
PandaW32/Vobfus.GEW.worm
TrendMicro-HouseCallWORM_VOBFUS.SM02
RisingTrojan.Win32.VBCode.fvg (CLASSIC)
IkarusWin32.Outbreak
MaxSecureTrojan.Malware.300983.susgen
FortinetW32/VBObfus.AU!tr
AVGWin32:VB-AEMG [Trj]
Cybereasonmalicious.945909
DeepInstinctMALICIOUS

How to remove Win32:VB-AEMG [Trj]?

Win32:VB-AEMG [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment