Worm:Win32/Bropia.AI removal guide

Worm:Win32/Bropia.AI is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm:Win32/Bropia.AI virus do?

  • Executable code extraction
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Worm:Win32/Bropia.AI?


File Info:

crc32: A84ECCE0
md5: 282611ba8c67197eb0e25100b50988d1
name: 282611BA8C67197EB0E25100B50988D1.mlw
sha1: 083ed4921596c9ca1fdeac21ea9d01e18d0961be
sha256: f0d7db1198a40c7852890c6f98ebe3cf31976223c047bb1b9826a5bd33550440
sha512: 4148443c65853609d25be9a92f5b214f8d9c1a7882d316831ff3f2767f31185bb61f31d6ce6123d99017998834ff76acb9d0f13716aa07403da3cf90c8fa9917
ssdeep: 3072:Koqx3TljogCxifnrdG58wU3Tc52W/UW5HF/pnsychpjhy8AHh:Ko2RsgCxenrd3wMTc52W/Z/poh1gDH
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: Accido
InternalName: Accido
FileVersion: 1.00
CompanyName: DISTS
LegalTrademarks: Accido
Comments: Accido
ProductName: Accido
ProductVersion: 1.00
FileDescription: Accido
OriginalFilename: Accido.exe

Worm:Win32/Bropia.AI also known as:

Bkav: W32.AIDetectGBM.malware.01
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.40337404
FireEye: Generic.mg.282611ba8c67197e
Qihoo-360: Win32/Worm.Generic.HgIASOQA
ALYac: Trojan.GenericKD.40337404
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic.pak!cobra
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: P2PWorm ( 0055e3ea1 )
BitDefender: Trojan.GenericKD.40337404
K7GW: P2PWorm ( 0055e3ea1 )
Cybereason: malicious.a8c671
Cyren: W32/Kelvir.JWWC-5771
Symantec: W32.SillyIM
TotalDefense: Win32/ForBot.OU
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Packer.Morphine-6707441-0
Kaspersky: IM-Worm.Win32.Bropia.bb
Alibaba: Worm:Win32/Bropia.d31f45b4
NANO-Antivirus: Trojan.Win32.Wootbot.baxon
Rising: Worm.VB!8.30 (CLOUD)
Ad-Aware: Trojan.GenericKD.40337404
Emsisoft: Trojan.GenericKD.40337404 (B)
Comodo: Worm.Win32.VB.NDB@4hsa
F-Secure: Trojan.TR/Dropper.Gen
DrWeb: Trojan.MulDrop.2293
Zillya: Worm.Bropia.Win32.29
TrendMicro: WORM_WOOTBOT.GEN
McAfee-GW-Edition: BehavesLike.Win32.VirRansom.ch
CMC: Generic.Win32.282611ba8c!MD
Sophos: Mal/Generic-R
SentinelOne: Static AI – Suspicious PE
Jiangmin: Worm.Bropia.d
Webroot: Worm:Win32/Bropia.AI
Avira: TR/Dropper.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Backdoor]/Win32.Wootbot
Kingsoft: Win32.Heur.KVM006.a.(kcloud)
Microsoft: Worm:Win32/Bropia.AI
Arcabit: Trojan.Generic.D2677FFC
AegisLab: Worm.Win32.VB.q!c
ZoneAlarm: IM-Worm.Win32.Bropia.bb
GData: Trojan.GenericKD.40337404
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Banker.C39224
McAfee: Artemis!282611BA8C67
VBA32: BScope.Trojan.Azden
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/Multidropper.ANS
ESET-NOD32: Win32/VB.NDB
TrendMicro-HouseCall: WORM_WOOTBOT.GEN
Tencent: Win32.Worm-im.Bropia.Hpry
Yandex: Trojan.GenAsa!6H1VbUzPJ2Y
Ikarus: Trojan.Win32.Agobot
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Sdbot.C!worm.im
BitDefenderTheta: AI:Packer.784AE2F11F
AVG: Win32:Evo-gen [Susp]
Avast: Win32:Evo-gen [Susp]
CrowdStrike: win/malicious_confidence_60% (D)
MaxSecure: Trojan.Malware.1199920.susgen

How to remove Worm:Win32/Bropia.AI?

Worm:Win32/Bropia.AI removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
