Generic.MSIL.Ransomware.Jigsaw.BED2ECA0 (file analysis)

Generic.MSIL.Ransomware.Jigsaw.BED2ECA0 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Generic.MSIL.Ransomware.Jigsaw.BED2ECA0 virus do?

  • Executable code extraction
  • Creates RWX memory
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Generic.MSIL.Ransomware.Jigsaw.BED2ECA0?


File Info:

crc32: ABFD9C03
md5: 4d295adcf412a361fc0b3e343f243ea7
name: 4D295ADCF412A361FC0B3E343F243EA7.mlw
sha1: b2a014f975e98bb419014e512175b57ff26e5dd0
sha256: 1332b83d72c13c0f8d09f04bf558bc9ccf87e1ff1acddea64ad3550c3fb6ba07
sha512: b52d7c64f1be1b22552f80314499854c99a6f8528b5f7030e5b1dbad811a23126a36d9262cedd51b4672216ff7856cb63e9493903531d9f1fd85f27b447ef43b
ssdeep: 6144:H9p+XrjqrrvU9CdCxrd3E75aClGH5lubnO/XaE8qq9mlXcmW9Q6i9/F6ydCM9Se:Ha7SrvngxrxE7rlrbOyE+9mlMj9Q6WN
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

LegalCopyright: Copyright(C) 2013 by FtpScripter
InternalName: FtpScripter Editor
FileVersion: 2.0.5.25
CompanyName: Scripter, SA
LegalTrademarks: FtpScripter
ProductName: FtpScripter
ProductVersion: 2.0
FileDescription: Scripter Editor
OriginalFilename: FtpScripterEditor.exe
Translation: 0x0409 0x04e4

Generic.MSIL.Ransomware.Jigsaw.BED2ECA0 also known as:

K7AntiVirus Trojan ( 0053fc801 )
Lionic Trojan.Win32.Generic.4!c
Elastic malicious (high confidence)
ALYac Generic.MSIL.Ransomware.Jigsaw.BED2ECA0
Cylance Unsafe
CrowdStrike win/malicious_confidence_90% (D)
BitDefender Generic.MSIL.Ransomware.Jigsaw.BED2ECA0
K7GW Trojan ( 0053fc801 )
Cybereason malicious.cf412a
BitDefenderTheta Gen:NN.ZemsilF.34058.um0@am38ZIfi
Symantec ML.Attribute.HighConfidence
ESET-NOD32 multiple detections
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 100)
Kaspersky HEUR:Trojan-Banker.MSIL.BitStealer.gen
NANO-Antivirus Trojan.Win32.Redcap.eyhcvh
MicroWorld-eScan Generic.MSIL.Ransomware.Jigsaw.BED2ECA0
Tencent Win32.Trojan.Generic.Pdmn
Ad-Aware Generic.MSIL.Ransomware.Jigsaw.BED2ECA0
Sophos Mal/Generic-R + Troj/Jigsaw-L
Comodo Malware@#3bgq54bpetszc
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition BehavesLike.Win32.Generic.fc
FireEye Generic.mg.4d295adcf412a361
Emsisoft Generic.MSIL.Ransomware.Jigsaw.BED2ECA0 (B)
SentinelOne Static AI – Malicious PE
Jiangmin Trojan.Generic.fefel
Avira RKIT/Redcap.etkxw
eGambit Unsafe.AI_Score_99%
Microsoft Trojan:MSIL/Confuser.UI
GData Generic.MSIL.Ransomware.Jigsaw.BED2ECA0
Acronis suspicious
McAfee Artemis!4D295ADCF412
MAX malware (ai score=86)
Malwarebytes MachineLearning/Anomalous.100%
Ikarus Trojan.MSIL.NanoCore
Fortinet MSIL/CoinStealer.AA!tr.pws
Panda Trj/GdSda.A
Qihoo-360 Win32/Ransom.Generic.HwMAEpsA

How to remove Generic.MSIL.Ransomware.Jigsaw.BED2ECA0?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
