
What is “Generic.Ransom.Balaclava.1EE6DFA2”?


Generic.Ransom.Balaclava.1EE6DFA2 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.Balaclava.1EE6DFA2 virus do?

  • Exhibits possible ransomware file modification behavior
  • Writes a potential ransom message to disk
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Likely virus infection of existing system binary
  • Anomalous binary characteristics

How to identify Generic.Ransom.Balaclava.1EE6DFA2?


File Info:

crc32: 218DDA30
md5: 0ecfdc386b4876c4fea7deddfc9649f4
name: upload_file
sha1: 2a7805af4ce551bb7d6f03915b361e4413f125bc
sha256: 355b8ed7476cf09a8c510e1442fa57ca1ade6c54a7306522a6e48f34e8905bda
sha512: f3c69bbd3e19949367a4cd88cb4b33576cb3d6879ef55a93bca742f6a2fec6eadcd13cb45420b5a0fe5cbeba216073bfa91c24c20741369c5cc34f4866417b14
ssdeep: 1536:Od65jkn9gy/t8il1VXxyY/Joa2lJ7uSHdHwVz:T5jkn9gy/tNpBjoZJ71Hwd
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Generic.Ransom.Balaclava.1EE6DFA2 also known as:

Bkav: W32.AIDetectVM.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Ransom.Balaclava.1EE6DFA2
McAfee: GenericRXJI-FV!0ECFDC386B48
Malwarebytes: Ransom.DavesSmith
AegisLab: Trojan.Win32.Malicious.4!c
Sangfor: Malware
K7AntiVirus: Riskware ( 0040eff71 )
BitDefender: Generic.Ransom.Balaclava.1EE6DFA2
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.f4ce55
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Ransom.Win32.Crypren.afyz
Alibaba: Ransom:Win32/Crypren.bd0c873e
Ad-Aware: Generic.Ransom.Balaclava.1EE6DFA2
Emsisoft: Generic.Ransom.Balaclava.1EE6DFA2 (B)
Comodo: Malware@#v9b4k2j1eif2
F-Secure: Heuristic.HEUR/AGEN.1117719
DrWeb: Trojan.Encoder.30848
Zillya: Trojan.Crypren.Win32.1059
Invincea: Mal/Generic-S
McAfee-GW-Edition: BehavesLike.Win32.Infected.km
MaxSecure: Trojan.Malware.74656787.susgen
FireEye: Generic.mg.0ecfdc386b4876c4
Sophos: Mal/Generic-S
SentinelOne: DFI – Malicious PE
Jiangmin: Trojan.Crypren.sy
Webroot: W32.Ransom.Gen
Avira: HEUR/AGEN.1117719
MAX: malware (ai score=81)
Microsoft: Ransom:Win32/Filecoder!MSR
Arcabit: Generic.Ransom.Balaclava.1EE6DFA2
ZoneAlarm: Trojan-Ransom.Win32.Crypren.afyz
GData: Generic.Ransom.Balaclava.1EE6DFA2
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Win32.Generic.C3863623
Acronis: suspicious
ALYac: Generic.Ransom.Balaclava.1EE6DFA2
VBA32: BScope.TrojanRansom.Crypren
Cylance: Unsafe
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Filecoder.NYS
Rising: Ransom.Agent!1.C2EB (CLASSIC)
Ikarus: P2P-Worm.Win32.SpyBot
Fortinet: W32/Crypren.AFYZ!tr.ransom
BitDefenderTheta: Gen:NN.ZexaF.34298.eeW@aKPQILi
AVG: Win32:Trojan-gen
Avast: Win32:Trojan-gen
CrowdStrike: win/malicious_confidence_100% (W)
Qihoo-360: Win32/Trojan.Ransom.052

How to remove Generic.Ransom.Balaclava.1EE6DFA2?

Generic.Ransom.Balaclava.1EE6DFA2 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
