Generic.Ransom.Amnesia.A02E4A60 (file analysis)

Generic.Ransom.Amnesia.A02E4A60 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.Amnesia.A02E4A60 virus do?

  • A process attempted to delay the analysis task.
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Attempts to delete volume shadow copies
  • Modifies boot configuration settings
  • Installs itself for autorun at Windows startup
  • Writes a potential ransom message to disk
  • Clears Windows events or logs
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Generic.Ransom.Amnesia.A02E4A60?

File Info:

crc32: 0E672082
md5: b4b9545220280e814969c3d8435d70d5
name: B4B9545220280E814969C3D8435D70D5.mlw
sha1: 4f130c29aaab1c74ab7a6e8a55a2eebbacc2cc21
sha256: 43501071e18d93a665f2e616fba6d1876bef71fadc1adc0f198f31c7f858822a
sha512: 4b6c328d86112d8beb59acbf2faa1464102d7b9308a048b67fb95537ed7acb60f9b62d9cc26e5a375b036b1689d40d71f133ceeacbf429d102cfe833aec9fc7d
ssdeep: 3072:IBp4xwPY4yZpfyFa86ShttWrIQGEyGuG6WDPk:IBp46Y4aVFUtWEtEi
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:

0: [No Data]

Generic.Ransom.Amnesia.A02E4A60 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: DeepScan:Generic.Ransom.Amnesia.A02E4A60
FireEye: Generic.mg.b4b9545220280e81
CAT-QuickHeal: Trojanransom.Generic
ALYac: DeepScan:Generic.Ransom.Amnesia.A02E4A60
Cylance: Unsafe
VIPRE: FraudTool.Win32.SecurityShield.ek!c (v)
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 004f6e981 )
BitDefender: DeepScan:Generic.Ransom.Amnesia.A02E4A60
K7GW: Trojan ( 004f6e981 )
Cybereason: malicious.220280
BitDefenderTheta: AI:Packer.E61CA4271F
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Filecoder.FS
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Ransomware.Scarab-6336012-1
Kaspersky: HEUR:Trojan-Ransom.Win32.Generic
NANO-Antivirus: Trojan.Win32.Filecoder.epnzwg
Rising: Ransom.Blocker!8.12A (CLOUD)
Ad-Aware: DeepScan:Generic.Ransom.Amnesia.A02E4A60
Emsisoft: DeepScan:Generic.Ransom.Amnesia.A02E4A60 (B)
Comodo: TrojWare.Win32.TrojanDownloader.Delf.gen@1xqow5
F-Secure: Dropper.DR/Delphi.Gen7
DrWeb: Trojan.Encoder.11464
Zillya: Trojan.Filecoder.Win32.17450
TrendMicro: Mal_Purge
McAfee-GW-Edition: BehavesLike.Win32.Sytro.ch
Sophos: ML/PE-A + Mal/DelpDldr-F
Ikarus: Trojan.Win32.Lnkhyd
Jiangmin: Trojan/Vilsel.agia
Avira: DR/Delphi.Gen7
Antiy-AVL: Trojan/Win32.AGeneric
Microsoft: Ransom:Win32/Amnesia.VSB!MTB
Arcabit: DeepScan:Generic.Ransom.Amnesia.A02E4A60
AhnLab-V3: Malware/Win32.Generic.C4294864
ZoneAlarm: HEUR:Trojan-Ransom.Win32.Generic
GData: DeepScan:Generic.Ransom.Amnesia.A02E4A60
Cynet: Malicious (score: 100)
Acronis: suspicious
McAfee: Ransom-Amnesia!B4B954522028
MAX: malware (ai score=81)
VBA32: BScope.TrojanRansom.Kitoles
Malwarebytes: Malware.AI.3932874182
Panda: Trj/RansomCrypt.D
TrendMicro-HouseCall: Mal_Purge
Tencent: Win32.Trojan.Raas.Auto
Yandex: Trojan.GenAsa!Dy18OPPLTiI
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Filecoder.FS!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (W)
Qihoo-360: HEUR/QVM05.1.A270.Malware.Gen

How to remove Generic.Ransom.Amnesia.A02E4A60?

Generic.Ransom.Amnesia.A02E4A60 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.