Generic.Ransom.Amnesia.A90F92FF malicious file


Generic.Ransom.Amnesia.A90F92FF is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.Amnesia.A90F92FF virus do?

  • Attempts to connect to a dead IP:Port (4 unique times)
  • Possible date expiration check, exits too soon after checking local time
  • A process attempted to delay the analysis task.
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Drops a binary and executes it
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Attempts to delete volume shadow copies
  • Modifies boot configuration settings
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Writes a potential ransom message to disk
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Clears Windows events or logs
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

Related domains:


How to identify Generic.Ransom.Amnesia.A90F92FF?


File Info:

type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:

0: [No Data]

Generic.Ransom.Amnesia.A90F92FF also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.26375
Cynet: Malicious (score: 100)
ALYac: DeepScan:Generic.Ransom.Amnesia.A90F92FF
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Cybereason: malicious.40b73d
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Filecoder.FS
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Ransomware.Deepscan-6975721-0
Kaspersky: HEUR:Trojan-Ransom.Win32.Generic
BitDefender: DeepScan:Generic.Ransom.Amnesia.A90F92FF
NANO-Antivirus: Trojan.Win32.Agent.eylnmv
MicroWorld-eScan: DeepScan:Generic.Ransom.Amnesia.A90F92FF
Tencent: Malware.Win32.Gencirc.11494fc3
Ad-Aware: DeepScan:Generic.Ransom.Amnesia.A90F92FF
Sophos: ML/PE-A
Comodo: TrojWare.Win32.TrojanDownloader.Delf.gen@1xqow5
BitDefenderTheta: AI:Packer.D71942341F
VIPRE: FraudTool.Win32.SecurityShield.ek!c (v)
TrendMicro: Mal_Purge
McAfee-GW-Edition: BehavesLike.Win32.Generic.gm
FireEye: Generic.mg.68b418040b73dacf
Emsisoft: DeepScan:Generic.Ransom.Amnesia.A90F92FF (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Patched.Ren.Gen
eGambit: Unsafe.AI_Score_96%
Microsoft: Ransom:Win32/Pulobe.RB!MSR
GData: DeepScan:Generic.Ransom.Amnesia.A90F92FF
AhnLab-V3: Trojan/Win32.Scarab.R213792
Acronis: suspicious
McAfee: GenericRXDM-JB!68B418040B73
MAX: malware (ai score=97)
VBA32: BScope.Trojan.Encoder
Malwarebytes: Malware.AI.1573381350
Panda: Trj/CI.A
TrendMicro-HouseCall: Mal_Purge
Rising: Ransom.Scarab!1.BACD (CLASSIC)
Yandex: Trojan.Filecoder!xpNM1Gpt7Xc
Ikarus: Trojan-Ransom.FileCrypter
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Msht.GJ!tr
AVG: Win32:Malware-gen

How to remove Generic.Ransom.Amnesia.A90F92FF?

Generic.Ransom.Amnesia.A90F92FF removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
