What is “Worm.Win32.Debris.b”?

The Worm.Win32.Debris.b is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Worm.Win32.Debris.b virus can do?

Sample contains Overlay data
Authenticode signature is invalid

How to determine Worm.Win32.Debris.b?


File Info:
name: 40DDF7A8B70698D7D41C.mlw
path: /opt/CAPEv2/storage/binaries/fb19b2dbb1492b0d6e7b4894209c6e4ddb026bffae97d3dd99b60e6d0f46c1bf
crc32: E96DA40A
md5: 40ddf7a8b70698d7d41c0aedf9d520d2
sha1: 8721b65cfe2ad5bb984b54f6e3aea675c61a60f0
sha256: fb19b2dbb1492b0d6e7b4894209c6e4ddb026bffae97d3dd99b60e6d0f46c1bf
sha512: 471a458a45c24007db6ec447e03e0e6a19e6778baca1cc0197e8441f7d54a30a249318ddc925dbe30bc9e4b3a2635c3ad67b2dd6aafb3804c64941268e6f8e0c
ssdeep: 96:DixZjmjtjd8jPjcZGR5TInHrqvLjODQKz8m95yrFVFNGY:unSR6bgYMqvLj3Kom9iVFUY
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T147D15233CBA19832FA9D1DB35F8924DE70D84C721E7D6A5550F0281031A049F6ED73AE
sha3_384: d03af986ce1f679c42ba53e3b6415e789f358d03f59de79d427938d07b4a2aed4bcd57e849ec0bf8833944d06f398b27
ep_bytes: 558bec538b5d08568b750c578b7d1085
timestamp: 2013-06-02 20:43:59

Version Info:
0: [No Data]

Worm.Win32.Debris.b also known as:

Bkav	W32.FamVT.DebrisA.Worm
tehtris	Generic.Malware
MicroWorld-eScan	Gen:Variant.Barys.431082
FireEye	Generic.mg.40ddf7a8b70698d7
CAT-QuickHeal	Trojan.Agent.WL
Skyhigh	BehavesLike.Win32.Worm.xt
McAfee	W32/Worm-FKH!40DDF7A8B706
Malwarebytes	Generic.Malware.AI.DDS
Zillya	Worm.DebrisGen.Win32.28
Sangfor	Suspicious.Win32.Save.ins
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Trojan ( 004436271 )
K7AntiVirus	EmailWorm ( 0040f50c1 )
Baidu	Win32.Worm.Bundpil.x
VirIT	Worm.Win32.Generic.GJU
Symantec	Trojan Horse
Elastic	malicious (high confidence)
ESET-NOD32	Win32/Bundpil.AI
APEX	Malicious
TrendMicro-HouseCall	WORM_GAMARUE.SML
ClamAV	Win.Adware.Downware-316
Kaspersky	Worm.Win32.Debris.b
BitDefender	Gen:Variant.Barys.431082
NANO-Antivirus	Trojan.Win32.Debris.cssodu
SUPERAntiSpyware	Worm.Gamarue
Avast	Win32:Sg-G [Trj]
Tencent	Worm.Win32.Debris.a
TACHYON	Worm/W32.Debris.6504.D
Emsisoft	Gen:Variant.Barys.431082 (B)
F-Secure	Worm.WORM/Gamarue.600541
DrWeb	Trojan.Starter.7266
VIPRE	Gen:Variant.Barys.431082
TrendMicro	WORM_GAMARUE.SML
Sophos	Troj/Agent-ACCV
Ikarus	Worm.Win32.Bundpil
Jiangmin	Worm/Debris.b
Google	Detected
Avira	WORM/Gamarue.600541
Varist	W32/Csyr.B.gen!Eldorado
Antiy-AVL	Worm/Win32.Debris
Kingsoft	malware.kb.a.985
Microsoft	Worm:Win32/Gamarue.U
Xcitium	TrojWare.Win32.Debris.JOUE@4ygmsm
Arcabit	Trojan.Barys.D693EA
ViRobot	Trojan.Win32.Agent.6329
ZoneAlarm	Worm.Win32.Debris.b
GData	Win32.Worm.Gamarue.AQ
Cynet	Malicious (score: 100)
AhnLab-V3	Worm/Win32.Debris.R68931
BitDefenderTheta	Gen:NN.ZedlaF.36802.aq5@aCYOrNp
ALYac	Gen:Variant.Barys.431082
MAX	malware (ai score=89)
VBA32	Worm.Gamarue
Cylance	unsafe
Panda	Trj/Vilsel.AF
Rising	Worm.Gamarue!1.9CC1 (CLASSIC)
Yandex	Trojan.GenAsa!epZR9n5ihTQ
SentinelOne	Static AI – Malicious PE
MaxSecure	Worm.Debris.j
Fortinet	W32/Agent.AF!worm
AVG	Win32:Sg-G [Trj]
DeepInstinct	MALICIOUS
alibabacloud	Worm:Win/Gamarue.4783f685

How to remove Worm.Win32.Debris.b?

Worm.Win32.Debris.b removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X