Worm.Win32.VBNA.c (file analysis)

Worm.Win32.VBNA.c is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm.Win32.VBNA.c virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Executed a process and injected code into it, probably while unpacking
  • Anomalous binary characteristics

How to identify Worm.Win32.VBNA.c?


File Info:

crc32: 798B5C44
md5: e90dc89b4ec18cf428631a8902749f1b
name: E90DC89B4EC18CF428631A8902749F1B.mlw
sha1: 6fa53c1957f74d8f0a5e562fcbc12ca59ebc12bd
sha256: bc85f899553e25d866cbfd48cdd5aaaa578f0f33ba18e890efd411310bacc5a1
sha512: ce77b835e528fcf3b9d0e72fcf53f2162a029299106092f0028928fc3115c72c0ff2c2ee71d396a00f299b2b8979ec98945168e3239f1be51eaa4b1d0109ef24
ssdeep: 3072:05PDykjCBx2hypK7D6zdX3+P+kdMThx0NYKSevfJrIuXoX4:1xbKxvh80k4
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: ZPdoQV
InternalName: Stubc1
FileVersion: 1.00
CompanyName: heAQvAxILbwxG
Comments: LpEYrKFuajkinY
ProductName: bguEZnaMnJ
ProductVersion: 1.00
FileDescription: vQtFTBSEIjQU
OriginalFilename: Stubc1.exe

Worm.Win32.VBNA.c also known as:

Bkav: W32.AIDetectVM.malware1
K7AntiVirus: Trojan ( 0055e3991 )
Elastic: malicious (high confidence)
DrWeb: BackDoor.Bifrost.20897
Cynet: Malicious (score: 100)
ALYac: Gen:Trojan.Heur.VB.km2@e8Zq8bgi
Cylance: Unsafe
Zillya: Worm.VBNA.Win32.141890
Sangfor: Malware
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Worm:Win32/VBInject.75048d06
K7GW: Trojan ( 0055e3991 )
Cybereason: malicious.b4ec18
Baidu: Win32.Trojan.VB.ai
Cyren: W32/VBInject.AC.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Bifrose
APEX: Malicious
TotalDefense: Win32/VBNA.A!generic
Avast: Win32:Malware-gen
ClamAV: Win.Trojan.Poison-6897259-0
Kaspersky: Worm.Win32.VBNA.c
BitDefender: Gen:Trojan.Heur.VB.km2@e8Zq8bgi
NANO-Antivirus: Trojan.Win32.VB.dwwmno
ViRobot: Worm.Win32.A.VBNA.164746.A
SUPERAntiSpyware: Trojan.Agent/Gen-Faldesc
MicroWorld-eScan: Gen:Trojan.Heur.VB.km2@e8Zq8bgi
Tencent: Malware.Win32.Gencirc.114bc2f4
Ad-Aware: Gen:Trojan.Heur.VB.km2@e8Zq8bgi
Sophos: Mal/Generic-R + Mal/VB-CMXA
Comodo: TrojWare.Win32.SGen.A@4ll7lp
F-Secure: Trojan.TR/Dropper.Gen
BitDefenderTheta: AI:Packer.5332B31B1F
VIPRE: Trojan.Win32.Vbinject.mzob (v)
TrendMicro: TROJ_GEN.FCBEZLB
McAfee-GW-Edition: Artemis!Trojan
FireEye: Generic.mg.e90dc89b4ec18cf4
Emsisoft: Gen:Trojan.Heur.VB.km2@e8Zq8bgi (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Worm/VBNA.hdea
Webroot: W32.Trojan.Gen
Avira: TR/Dropper.Gen
eGambit: Generic.Trojan
Antiy-AVL: Worm/Win32.VBNA
Kingsoft: Win32.Heur.KVMH008.a.(kcloud)
Microsoft: VirTool:Win32/VBInject.gen!EP
Gridinsoft: Trojan.Heur!.022022C1
Arcabit: Trojan.Heur.VB.EBF6BF
AegisLab: Trojan.Win32.Generic.lwyr
ZoneAlarm: Worm.Win32.VBNA.c
GData: Gen:Trojan.Heur.VB.km2@e8Zq8bgi
McAfee: Artemis!E90DC89B4EC1
MAX: malware (ai score=100)
VBA32: Malware-Cryptor.VB.gen.1
Panda: Generic Malware
TrendMicro-HouseCall: TROJ_GEN.FCBEZLB
Rising: HackTool.VBInject!1.6497 (CLASSIC)
Yandex: Trojan.Injector!X/BLrN5ISko
Ikarus: Trojan.Win32.Refroso
Fortinet: W32/Bifrose.NKY!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Malware.Radar01.Gen

How to remove Worm.Win32.VBNA.c?

Worm.Win32.VBNA.c removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
