Worm

Worm.Win32.VBNA.brst information

Malware Removal

The Worm.Win32.VBNA.brst is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
6-day free trial available.

What Worm.Win32.VBNA.brst virus can do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded pe malware family
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara detections observed in process dumps, payloads or dropped files

How to determine Worm.Win32.VBNA.brst?


File Info:

name: 56C90E723CB18F65D6AC.mlw
path: /opt/CAPEv2/storage/binaries/0802de5ae3a75b4980a600169a4a25b88224755319fc153374c2c7c9ea6ea4ca
crc32: FE239EAD
md5: 56c90e723cb18f65d6ac98db64fce772
sha1: 000899c2ada75aa4a0ce43c60a18a4eec2400968
sha256: 0802de5ae3a75b4980a600169a4a25b88224755319fc153374c2c7c9ea6ea4ca
sha512: fc43f0c5826c95a71fa21a3319c283c9d174521fbaa8283ee301f9dbf62f065798c6a0c3fadf48dc816af9069258e3047ce3229a0d786b0fe8b1d61867d5b7c7
ssdeep: 1536:X/rFbFLtRsNLCNMSG5+SUdqeHAQWXZaNwRRczNoU1LbLkOVL:PrBF3aZLBRWhlL7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T122F3C623A78306D9E4184DF531C2F3D958B930EABD621883DB111267DD6AF82876D4FE
sha3_384: dcb85fa247de06cd4b9d698750bb7c77c14c04b152c8145683e9ca29abedf2fb68f81ba0d8d869c16ab01246cdd02c14
ep_bytes: 6880114000e8f0ffffff000000000000
timestamp: 2011-01-04 12:34:18

Version Info:

Translation: 0x0409 0x04b0
CompanyName: fZnNd76
ProductName: fZnNd564
FileVersion: 8.73
ProductVersion: 8.73
InternalName: fZnNd76
OriginalFilename: fZnNd76.exe

Worm.Win32.VBNA.brst also known as:

BkavW32.AIDetectMalware
LionicWorm.Win32.Vobfus.ln1d
Elasticmalicious (high confidence)
MicroWorld-eScanGen:Variant.VBKrypt.23
FireEyeGeneric.mg.56c90e723cb18f65
CAT-QuickHealWorm.VobfuseMF.S22387555
SkyhighBehavesLike.Win32.VBObfus.ct
McAfeeDownloader-CJX.gen.n
Cylanceunsafe
SangforSuspicious.Win32.Save.vb
K7AntiVirusTrojan ( 001f4fd51 )
AlibabaWorm:Win32/vobfus.1030
K7GWTrojan ( 001f4fd51 )
BitDefenderThetaAI:Packer.E3F8A0EB20
VirITTrojan.Win32.Generic.BZJA
SymantecW32.Changeup
tehtrisGeneric.Malware
ESET-NOD32Win32/AutoRun.VB.YD
APEXMalicious
TrendMicro-HouseCallWORM_VOBFUS.SMIA
Paloaltogeneric.ml
ClamAVWin.Trojan.Changeup-6169544-0
KasperskyWorm.Win32.VBNA.brst
BitDefenderGen:Variant.VBKrypt.23
NANO-AntivirusTrojan.Win32.MLW.covkms
SUPERAntiSpywareTrojan.Agent/Gen-Orsam
AvastWin32:WormX-gen [Wrm]
TencentWorm.Win32.Vbna.zg
TACHYONWorm/W32.VB-VBNA.159744
EmsisoftGen:Variant.VBKrypt.23 (B)
BaiduWin32.Worm.AutoRun.cj
F-SecureTrojan.TR/Dropper.Gen
DrWebWin32.HLLW.Autoruner.42070
VIPREGen:Variant.VBKrypt.23
TrendMicroWORM_VOBFUS.SMIA
Trapminemalicious.high.ml.score
SophosMal/Vobfus-E
IkarusTrojan.Win32.VBKrypt
JiangminTrojan/VBKrypt.hdkn
GoogleDetected
AviraTR/Dropper.Gen
VaristW32/VB.BR.gen!Eldorado
Antiy-AVLWorm/Win32.WBNA.gen
KingsoftWin32.Worm.VBNA.brst
MicrosoftWorm:Win32/Vobfus!pz
XcitiumWorm.Win32.Vobfus.D@2oklq4
ArcabitTrojan.VBKrypt.23
ViRobotWorm.Win32.A.VBNA.159744.J
ZoneAlarmWorm.Win32.VBNA.brst
GDataGen:Variant.VBKrypt.23
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win32.VBKrypt.R2844
VBA32SScope.Trojan.VB.01247
ALYacGen:Variant.VBKrypt.23
MAXmalware (ai score=87)
MalwarebytesGeneric.Worm.AutoRun.DDS
PandaGeneric Malware
RisingTrojan.Win32.VBCode.cfw (CLASSIC)
YandexTrojan.GenAsa!67+acRNxNBI
SentinelOneStatic AI – Malicious PE
FortinetW32/AutoRun.XM!worm
AVGWin32:WormX-gen [Wrm]
DeepInstinctMALICIOUS
alibabacloudWorm:Win/Vobfus.80c293b7

How to remove Worm.Win32.VBNA.brst?

Worm.Win32.VBNA.brst removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment