About “Worm.Bladabindi (A)” infection

Malware Removal

Worm.Bladabindi (A) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm.Bladabindi (A) virus do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Worm.Bladabindi (A)?


File Info:

type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2020
Assembly Version: 1.0.0.0
InternalName: XStub3.exe
FileVersion: 1.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName: XStub3
ProductVersion: 1.0.0.0
FileDescription: XStub3
OriginalFilename: XStub3.exe

Worm.Bladabindi (A) also known as:

K7AntiVirus: Trojan ( 00562fbf1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader33.32395
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.MSIL
ALYac: Trojan.GenericKDZ.66558
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 00562fbf1 )
Cybereason: malicious.52c941
Cyren: W32/MSIL_Bladabindi.EM.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: MSIL/Bladabindi.AR
APEX: Malicious
Avast: Win32:RATX-gen [Trj]
ClamAV: Win.Dropper.njRAT-7775565-0
Kaspersky: HEUR:Trojan.MSIL.Gorgon.gen
BitDefender: Trojan.GenericKDZ.66558
SUPERAntiSpyware: Trojan.Agent/Gen-Gorgon
MicroWorld-eScan: Trojan.GenericKDZ.66558
Ad-Aware: Trojan.GenericKDZ.66558
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Dropper.Gen
BitDefenderTheta: Gen:NN.ZemsilF.34684.ru3@aaskjtb
McAfee-GW-Edition: BehavesLike.Win32.Generic.dh
FireEye: Generic.mg.ade12a252c94108e
Emsisoft: Worm.Bladabindi (A)
SentinelOne: Static AI – Malicious PE
Avira: TR/Dropper.Gen
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/MSIL.Gorgon
Microsoft: Trojan:Win32/Ashify.J!rfn
Gridinsoft: Ransom.Win32.Wacatac.dd!n
Arcabit: Trojan.Generic.D103FE
ZoneAlarm: HEUR:Trojan.MSIL.Gorgon.gen
GData: Trojan.GenericKDZ.66558
AhnLab-V3: Trojan/Win32.Bladabindi.R333672
McAfee: Trojan-FSIM!ADE12A252C94
MAX: malware (ai score=89)
VBA32: CIL.StupidPInvoker-1.Heur
Malwarebytes: Backdoor.Bladabindi
TrendMicro-HouseCall: TROJ_GEN.R066C0DDR21
Rising: Worm.Bladabindi!8.29B (TFE:dGZlOgyWmrzF3DCxZA)
Yandex: Worm.Bladabindi!0iKShdgdC0c
Ikarus: Trojan.MSIL.Crypt
Fortinet: MSIL/Bladabindi.AR!worm
AVG: Win32:RATX-gen [Trj]
Paloalto: generic.ml

How to remove Worm.Bladabindi (A)?

Worm.Bladabindi (A) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
