
Worm.Win32.Vobfus.efsv malicious file


Worm.Win32.Vobfus.efsv is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm.Win32.Vobfus.efsv virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • CAPE detected the embedded pe malware family
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Worm.Win32.Vobfus.efsv?


File Info:

name: 44E4A797FD7C60C91F1D.mlw
path: /opt/CAPEv2/storage/binaries/7079411d9c51fd84cd73b4238900f7e830fd8c8e93142b8da09fb09f142eff90
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-10-03 15:13:14

Version Info:

Translation: 0x0409 0x04b0
ProductName: fhNnqRjrnbnyMS
FileVersion: 1.00
ProductVersion: 1.00
InternalName: JmYWebFBNMweSXnpAJ
OriginalFilename: JmYWebFBNMweSXnpAJ.exe

Worm.Win32.Vobfus.efsv also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.VBKrypt.23
ClamAV: Win.Trojan.VB-1545
FireEye: Generic.mg.44e4a797fd7c60c9
CAT-QuickHeal: Trojan.Vobfus.gen
Skyhigh: BehavesLike.Win32.VBObfus.cm
McAfee: VBObfus.bc
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: EmailWorm ( 0054d10f1 )
K7GW: EmailWorm ( 0054d10f1 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: AI:Packer.C33BF22B20
VirIT: Worm.Win32.Generic.BAEZ
Symantec: W32.Changeup
ESET-NOD32: Win32/AutoRun.VB.AMX
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Worm.Win32.Vobfus.efsv
BitDefender: Gen:Variant.VBKrypt.23
NANO-Antivirus: Trojan.Win32.VB.rilrb
SUPERAntiSpyware: Trojan.Agent/Gen-Vobfus
Avast: Win32:VB-ABDC [Drp]
TACHYON: Trojan/W32.VB-Diple.159744
Emsisoft: Gen:Variant.VBKrypt.23 (B)
Baidu: Win32.Trojan.Inject.n
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.VbCrypt.60
VIPRE: Gen:Variant.VBKrypt.23
TrendMicro: WORM_VOBFUS.SMHE
Trapmine: malicious.high.ml.score
Sophos: Mal/VB-XV
Ikarus: Worm.Win32.Vobfus
GData: Gen:Variant.VBKrypt.23
Varist: W32/Vobfus.Z.gen!Eldorado
Avira: TR/Dropper.Gen
Antiy-AVL: Worm/Win32.WBNA.gen
Kingsoft: malware.kb.a.1000
Xcitium: TrojWare.Win32.Diple.EMIB@4pez3w
Arcabit: Trojan.VBKrypt.23
ZoneAlarm: Worm.Win32.Vobfus.efsv
Microsoft: Worm:Win32/Vobfus!pz
Google: Detected
AhnLab-V3: Trojan/Win32.Diple.R13793
Acronis: suspicious
ALYac: Gen:Variant.VBKrypt.23
MAX: malware (ai score=88)
VBA32: BScope.Worm.Vobfus
Cylance: unsafe
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: WORM_VOBFUS.SMHE
Rising: Worm.VobfusEx!1.99DB (CLASSIC)
Yandex: Trojan.GenAsa!g0BYoJ2W/qc
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/VB.CNE!worm
AVG: Win32:VB-ABDC [Drp]
Cybereason: malicious.531ef1
DeepInstinct: MALICIOUS

How to remove Worm.Win32.Vobfus.efsv?

Worm.Win32.Vobfus.efsv removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
