
Worm:Win32/VB.JL information


Worm:Win32/VB.JL is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Worm:Win32/VB.JL virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Behavioural detection: Injection (inter-process)
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Worm:Win32/VB.JL?


File Info:

name: B093EB382735F0A4F8C6.mlw
path: /opt/CAPEv2/storage/binaries/eccb7c8e36396c7e02fe90264052c42ca804527a8ab9c6220f46dbdfd44b4014
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2000-01-10 01:33:18

Version Info:

Translation: 0x0409 0x04b0
ProductName: drbfdbYYfk
FileVersion: 1.00
ProductVersion: 1.00
InternalName: dpDiBfRiqf
OriginalFilename: dpDiBfRiqf.exe

Worm:Win32/VB.JL also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
DrWeb: Trojan.VbCrypt.60
MicroWorld-eScan: Gen:Trojan.Sresmon.Gen.1
FireEye: Generic.mg.b093eb382735f0a4
CAT-QuickHeal: Trojan.Vobfus.gen
McAfee: VBObfus.bn
Malwarebytes: Malware.AI.3612325351
Sangfor: Suspicious.Win32.Save.vb
K7AntiVirus: EmailWorm ( 0054d10f1 )
K7GW: EmailWorm ( 0054d10f1 )
Cybereason: malicious.82735f
BitDefenderTheta: AI:Packer.79E4B7D11F
VirIT: Worm.Win32.VBNA.AWAG
Cyren: W32/Vobfus.V.gen!Eldorado
Symantec: W32.Changeup!gen35
tehtris: Generic.Malware
ESET-NOD32: Win32/Pronny.AC
APEX: Malicious
ClamAV: Win.Trojan.Changeup-6169544-0
Kaspersky: Worm.Win32.Vobfus.eryt
BitDefender: Gen:Trojan.Sresmon.Gen.1
NANO-Antivirus: Trojan.Win32.VB.ccdabr
Tencent: Trojan.Win32.Koobface.p
Sophos: Mal/VB-XV
F-Secure: Worm.WORM/VB.jla
Baidu: Win32.Worm.Pronny.d
VIPRE: Gen:Trojan.Sresmon.Gen.1
TrendMicro: WORM_VOBFUS.SMAC
McAfee-GW-Edition: BehavesLike.Win32.VBObfus.cm
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Trojan.Sresmon.Gen.1 (B)
SentinelOne: Static AI – Malicious PE
GData: Gen:Trojan.Sresmon.Gen.1
Google: Detected
Avira: WORM/VB.jla
MAX: malware (ai score=86)
Antiy-AVL: Worm/Win32.WBNA.gen
Xcitium: TrojWare.Win32.VB.AVA@4paxk7
Arcabit: Trojan.Sresmon.Gen.1
SUPERAntiSpyware: Trojan.Agent/Gen-Vobfus
ZoneAlarm: Worm.Win32.Vobfus.eryt
Microsoft: Worm:Win32/VB.JL
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Diple.R13793
VBA32: Malware-Cryptor.VB.gen
TACHYON: Worm/W32.Vobfus.159744.L
DeepInstinct: MALICIOUS
Cylance: unsafe
Panda: Generic Malware
Zoner: Trojan.Win32.88040
TrendMicro-HouseCall: WORM_VOBFUS.SMAC
Rising: Worm.Vobfus!1.99C7 (CLASSIC)
Yandex: Trojan.GenAsa!dkvjWaNX3jE
Ikarus: Worm.Win32.WBNA
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/VBKrypt.C!tr
AVG: Win32:VB-ABDC [Drp]
Avast: Win32:VB-ABDC [Drp]
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Worm:Win32/VB.JL?

Worm:Win32/VB.JL removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
