Worm.Win32.Debris.aq (file analysis)

The Worm.Win32.Debris.aq is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Worm.Win32.Debris.aq virus can do?

Authenticode signature is invalid
Binary file triggered YARA rule
Yara detections observed in process dumps, payloads or dropped files

How to determine Worm.Win32.Debris.aq?


File Info:
name: 9DC807F08D9896B52D14.mlw
path: /opt/CAPEv2/storage/binaries/76562df249f3a2d128dbcf5b5dabd167f817eea4c18435686a3bde0e7a6d84cb
crc32: 1DDC6F34
md5: 9dc807f08d9896b52d149a7248b2e214
sha1: bd5a3df6d8357e267fe6620be0dc162c33f7ad98
sha256: 76562df249f3a2d128dbcf5b5dabd167f817eea4c18435686a3bde0e7a6d84cb
sha512: dd0a3395181656ad61e3711c74613e7b067ed7150a6e43703e933bc7294b5c67e2e88ffd6e8c4c1cec8917a94bdb64a338a09efe79474326e7d10f6146e64ab4
ssdeep: 48:qfAqMrhWR69rDvrXkxLVYuX/2svystYVzwG4RApLiSU:FlrY6JrrXk3vbduVzwG4+iF
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T18B712D3B2799EEB3D1A8237416E71B9D70AAAF35432342C74281852A546D3A07FF3B11
sha3_384: 1853214f6d3be0454f60a7e4ca3c5e53cbd3c7596c23e23785a81a8659fe1ec37cc1115b2213ecd12d3bbbcfa7ca3403
ep_bytes: 558bec518b450c8945fcb8010000008b
timestamp: 2013-07-01 21:53:27

Version Info:
0: [No Data]

Worm.Win32.Debris.aq also known as:

Bkav	W32.FamVT.DebrisA.Worm
Lionic	Worm.Win32.Debris.lNQC
MicroWorld-eScan	Gen:Variant.Zusy.325289
FireEye	Generic.mg.9dc807f08d9896b5
CAT-QuickHeal	Trojan.Agent.WL
Skyhigh	Downloader-FOB!9DC807F08D98
McAfee	Downloader-FOB!9DC807F08D98
Cylance	unsafe
Zillya	Worm.DebrisGen.Win32.2
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Trojan ( 0040f52e1 )
K7AntiVirus	Trojan ( 0040f52e1 )
Baidu	Win32.Worm.Agent.q
VirIT	Worm.Win32.Generic.HHB
Symantec	W32.Dromedan
ESET-NOD32	a variant of Win32/Bundpil.BC
APEX	Malicious
ClamAV	Win.Adware.Downware-242
Kaspersky	Worm.Win32.Debris.aq
BitDefender	Gen:Variant.Zusy.325289
NANO-Antivirus	Trojan.Win32.Drop.bxprxw
SUPERAntiSpyware	Trojan.Agent/Gen-Downloader
Avast	Win32:Sg-C [Trj]
Tencent	Worm.Win32.Debris.b
TACHYON	Worm/W32.Debris.3584.G
Sophos	W32/Gamarue-BJ
Google	Detected
F-Secure	Worm.WORM/Gamarue.358495
DrWeb	Trojan.MulDrop4.25343
VIPRE	Gen:Variant.Zusy.325289
TrendMicro	WORM_GAMARUE.SMF
Emsisoft	Gen:Variant.Zusy.325289 (B)
Ikarus	Worm.Win32.Debris
Jiangmin	Worm/Debris.am
Varist	W32/Csyr.C.gen!Eldorado
Avira	WORM/Gamarue.358495
Antiy-AVL	Worm/Win32.Debris.aq
Kingsoft	malware.kb.a.1000
Microsoft	TrojanDownloader:Win32/Andromeda!pz
Xcitium	Worm.Win32.Bundpil.BL@4zjaeb
Arcabit	Trojan.Zusy.D4F6A9
ViRobot	Trojan.Win32.Agent.3584.AZ
ZoneAlarm	Worm.Win32.Debris.aq
GData	Gen:Variant.Zusy.325289
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.Agent.R73096
Acronis	suspicious
VBA32	Worm.Gamarue
ALYac	Gen:Variant.Zusy.325289
MAX	malware (ai score=86)
Malwarebytes	Worm.Gamarue
Panda	Trj/Vilsel.AF
TrendMicro-HouseCall	WORM_GAMARUE.SMF
Rising	Worm.Gamarue!1.9CC6 (CLASSIC)
SentinelOne	Static AI – Malicious PE
MaxSecure	Worm.Debris.Gen
Fortinet	W32/Bundpil.AA!tr
BitDefenderTheta	Gen:NN.ZedlaF.36802.aq4@a4DzT!h
AVG	Win32:Sg-C [Trj]
DeepInstinct	MALICIOUS
alibabacloud	Worm:Win/Gamarue.4a28cb2b

How to remove Worm.Win32.Debris.aq?

Worm.Win32.Debris.aq removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X