Generic.MSIL.Ransomware.Jigsaw.0F28FB49 removal guide

Generic.MSIL.Ransomware.Jigsaw.0F28FB49 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Generic.MSIL.Ransomware.Jigsaw.0F28FB49 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself

How to identify Generic.MSIL.Ransomware.Jigsaw.0F28FB49?


File Info:

crc32: 5B08CA5E
md5: d22498460a4c050fa8967ed5ffe0da0f
name: D22498460A4C050FA8967ED5FFE0DA0F.mlw
sha1: 3ed5bb910a41b66b5258aa9922dcc819b7ad2108
sha256: 2c5f52552c4236752fea7062f5a931b57cd76a81fc5ed59b408de150e4005ea7
sha512: d0325b8b6c89cf9f646d289d08d12c0083bbf8261135d34db59d511c8381df6b38b2fabcb0c12f1360de36a376312c80cc6f5ea8b8b1f67e8302de10ddcc0b12
ssdeep: 6144:UHmamc5YouQidIGcYaeDb3Aftfe0J0wfyGbMmkK1IpwktpnfntvqPzaHcBU7gyj:6mcdIaYr3aJqwRbMWkXfRqPzTeD
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

LegalCopyright: (c) Angus Johnson 1999-2015
InternalName: ResHack
FileVersion: 4.2.5.146
CompanyName: Angus Johnson
ProductName: ResHack
FileVersion2: Release Candidate 3
ProductVersion: 4.0.0.0
FileDescription: Resource viewer, decompiler & recompiler
OriginalFilename: ResHack
Translation: 0x0409 0x04e4

Generic.MSIL.Ransomware.Jigsaw.0F28FB49 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.MulDrop8.4157
ALYac: Generic.MSIL.Ransomware.Jigsaw.0F28FB49
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (D)
K7GW: Trojan ( 0053fc801 )
K7AntiVirus: Trojan ( 0053fc801 )
ESET-NOD32: multiple detections
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
Cynet: Malicious (score: 100)
Kaspersky: Trojan.Win32.Phny.se
BitDefender: Generic.MSIL.Ransomware.Jigsaw.0F28FB49
NANO-Antivirus: Trojan.Win32.Jigsaw.ezgpuv
MicroWorld-eScan: Generic.MSIL.Ransomware.Jigsaw.0F28FB49
Tencent: Win32.Trojan.Phny.Wnvo
Ad-Aware: Generic.MSIL.Ransomware.Jigsaw.0F28FB49
Sophos: Troj/Jigsaw-L
Comodo: Malware@#31le407k6b8gm
BitDefenderTheta: Gen:NN.ZemsilF.34170.Dm0@aO2lEAdi
VIPRE: Trojan.Win32.Generic!BT
FireEye: Generic.mg.d22498460a4c050f
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.fefel
Avira: HEUR/AGEN.1109336
eGambit: Unsafe.AI_Score_99%
Microsoft: Trojan:MSIL/Confuser.UI
Arcabit: Generic.MSIL.Ransomware.Jigsaw.0F28FB49
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Generic.MSIL.Ransomware.Jigsaw.0F28FB49
AhnLab-V3: Trojan/Win32.RL_Agent.C4037984
McAfee: Artemis!D22498460A4C
MAX: malware (ai score=95)
Malwarebytes: MachineLearning/Anomalous.100%
Panda: Trj/GdSda.A
Ikarus: Trojan.MSIL.NanoCore
Fortinet: MSIL/CoinStealer.AA!tr.pws
AVG: Win32:PWSX-gen [Trj]
Paloalto: generic.ml

How to remove Generic.MSIL.Ransomware.Jigsaw.0F28FB49?

Generic.MSIL.Ransomware.Jigsaw.0F28FB49 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
