Dropped:Win32.Ramnit.A removal

The Dropped:Win32.Ramnit.A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Dropped:Win32.Ramnit.A virus can do?

Unconventionial language used in binary resources: Spanish (Modern)
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Dropped:Win32.Ramnit.A?


File Info:
name: 978D07904DAB5505491A.mlw
path: /opt/CAPEv2/storage/binaries/a5b156c3ca7e9eec303d56869620cb22a5d140b20e8e57e55ada097738c95f15
crc32: 0FC8A035
md5: 978d07904dab5505491a1df175696967
sha1: a3d52f292b9e68ca4af2f03be982f874e2d6b4e3
sha256: a5b156c3ca7e9eec303d56869620cb22a5d140b20e8e57e55ada097738c95f15
sha512: 44d98bbdc66753f22c36ddc2fc9136f83e106d5567405b807591ec8d5e492a0edd15ca5795927330fbbc7bad8dd380931eecae0bddaa3eedb7e9013bfe8c4db8
ssdeep: 24576:x2WI1vrVoUE85mgcF61CNgjjo8reO/EiNLZOWQrxc:UWmrVO85wFuEYrOW7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AA359E21B2E1C437D57316B08C6B82A56839BE602F2559C77BE43E0C5F786C2BB36257
sha3_384: a22ffa92a700f5adb219d2a3154056f81bda3d7dcd73d7f75263d3888ddf04a7b426d55a1af36e87e2d1accb8da8076f
ep_bytes: e8e2c20000e9000000006a146898a846
timestamp: 2016-01-05 07:44:35

Version Info:
0: [No Data]

Dropped:Win32.Ramnit.A also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Cosmu.lV4O
MicroWorld-eScan	Dropped:Win32.Ramnit.A
FireEye	Dropped:Win32.Ramnit.A
McAfee	Artemis!978D07904DAB
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Trojan.Win32.Dropped.Ramnit
Alibaba	Virus:Win32/Ramnit.102d9d41
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Trojan.Ramnit-1847
BitDefender	Dropped:Win32.Ramnit.A
Avast	Win32:Quolko
Tencent	Win32.Virus.Ramnit.Huft
Ad-Aware	Dropped:Win32.Ramnit.A
Emsisoft	Dropped:Win32.Ramnit.A (B)
DrWeb	Win32.Rmnet
Zillya	Trojan.Nimnul.Win32.7043
McAfee-GW-Edition	BehavesLike.Win32.Playtech.th
SentinelOne	Static AI – Suspicious PE
Avira	W32/Ramnit.CD
Microsoft	Trojan:Win32/Wacatac.B!ml
GData	Dropped:Win32.Ramnit.A
Cynet	Malicious (score: 99)
ALYac	Dropped:Win32.Ramnit.A
MAX	malware (ai score=80)
TrendMicro-HouseCall	TROJ_GEN.R002H0CF321
Ikarus	Virus.Win32.Ramnit
Fortinet	PossibleThreat
AVG	Win32:Quolko
Cybereason	malicious.04dab5
MaxSecure	Trojan.Malware.300983.susgen

How to remove Dropped:Win32.Ramnit.A?

Dropped:Win32.Ramnit.A removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X