Worm.Generic.392786 (B) removal

Worm.Generic.392786 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm.Generic.392786 (B) virus do?

  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Catalan
  • Creates an autorun.inf file
  • Authenticode signature is invalid
  • Likely virus infection of existing system binary
  • Attempts to modify Explorer settings to prevent file extensions from being displayed
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Worm.Generic.392786 (B)?


File Info:

name: C20A32A49895A94DED27.mlw
path: /opt/CAPEv2/storage/binaries/1a06f2769ff887d78c5184b2007b5997da951d6126754b6ba3d6a4894b766ba1
crc32: B40EDC10
md5: c20a32a49895a94ded2715340cb732c1
sha1: 3bef9b35a042c0ca9a33650c1cfc2bc00f0d7d02
sha256: 1a06f2769ff887d78c5184b2007b5997da951d6126754b6ba3d6a4894b766ba1
sha512: 5c45297f32b2730ee7b587453e338b4f60526169c3caf61a6b5338cd9aaf7614ca12dcc1234f004cb74a142033b0cadde504182b2511b8ed3c37e33e744d6e80
ssdeep: 3072:WIsSJs/pVJzIxFY46hsilWDX0CQNZUyplsGJPn4:WIlYxwFr6Dlk0pTXpls5
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1FCE36B0BF63B5C15E439443E48F862BCA5CE010DE592F9D2E8A6BB0C69347625DCF5AC
sha3_384: 3e27c234677af768a83a7c58e033e583a10724cbcead02b55d5a7a412bc74e55fa0cb9a178fbc0476a6bec925900c169
ep_bytes: 5383ec44b823104000b9000000008a18
timestamp: 2007-10-29 06:17:05

Version Info:

0: [No Data]

Worm.Generic.392786 (B) also known as:

Elastic: malicious (high confidence)
DrWeb: Win32.HLLW.Tazebama
MicroWorld-eScan: Worm.Generic.392786
FireEye: Generic.mg.c20a32a49895a94d
CAT-QuickHeal: W32.Mabezat.Dr
ALYac: Worm.Generic.392786
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Virus ( 000ad08b1 )
K7GW: Virus ( 000ad08b1 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: AI:FileInfector.72161D3514
VirIT: Worm.Win32.Mabezat.A
Cyren: W32/Mabezat.FRWO-1177
Symantec: W32.Mabezat.B
ESET-NOD32: Win32/Mabezat.A
TrendMicro-HouseCall: PE_MABEZAT.B-O
ClamAV: Win.Trojan.Mabezat-1
Kaspersky: Worm.Win32.Mabezat.b
BitDefender: Worm.Generic.392786
NANO-Antivirus: Virus.Win32.Mabezat.kfroy
ViRobot: Worm.Win32.Mabezat.154751
Avast: Win32:Agent-AVCE [Trj]
Tencent: Trojan.Win32.Mabezat.a
Ad-Aware: Worm.Generic.392786
Emsisoft: Worm.Generic.392786 (B)
Comodo: Worm.Win32.Mabezat.b@14k3c8
Baidu: Win32.Worm.Mabezat.b
Zillya: Worm.MabezatGen.Win32.3
TrendMicro: PE_MABEZAT.B-O
McAfee-GW-Edition: BehavesLike.Win32.PWSZbot.cc
Sophos: ML/PE-A + W32/Mabezat-B
Ikarus: Worm.Win32.Mabezat
Jiangmin: Trojan/Mabezat.g
Avira: WORM/Mabezat.b
MAX: malware (ai score=85)
Antiy-AVL: Trojan/Generic.ASVirus.28
Microsoft: Virus:Win32/Mabezat.B
SUPERAntiSpyware: Trojan.Agent/Gen-Worm
ZoneAlarm: Trojan.Win32.Yakes.pvii
GData: Worm.Generic.392786
Cynet: Malicious (score: 100)
AhnLab-V3: Win32/Mabezat
McAfee: W32/Mabezat
TACHYON: Worm/W32.Mabezat
VBA32: Trojan.Win32.Mabezat.a
Malwarebytes: Sality.Virus.FileInfector.DDS
APEX: Malicious
Rising: Worm.Mabezat!1.995D (RDMK:cmRtazrtTlJtsCGfj/y1MQQ6CbMV)
Yandex: Trojan.GenAsa!0z4t/44RHDE
SentinelOne: Static AI – Malicious PE
MaxSecure: Virus.Mabezat.B
Fortinet: W32/Mabezat.B!worm
AVG: Win32:Agent-AVCE [Trj]
Cybereason: malicious.49895a
Panda: W32/Mabezat.C.worm

How to remove Worm.Generic.392786 (B)?

Worm.Generic.392786 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
