How to remove “Generic.Ransom.Buhtrap.0B6888B6”?

Generic.Ransom.Buhtrap.0B6888B6 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.Buhtrap.0B6888B6 virus do?

  • Attempts to connect to a dead IP:Port (3 unique times)
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Installs itself for autorun at Windows startup
  • Attempts to modify proxy settings

Related domains:

geoiptool.com
www.geodatatool.com
ocsp.comodoca.com
ocsp.usertrust.com
crl.usertrust.com

How to identify Generic.Ransom.Buhtrap.0B6888B6?

File Info:

crc32: D93902E1
md5: 43a791cfe3e906f15a432943088450a1
name: 43A791CFE3E906F15A432943088450A1.mlw
sha1: 0a2d12d30126385eb85d1ce88d06762bc429fb03
sha256: 7055e8438da61efa50058acd4e010c634f5e33352e2ee6d1f013572f004b7101
sha512: 372cb914052c02115f381e5dbc04d6885aa34a1dfa565b882eae7438681c1e14166b6bfbefb175cf2ca9cd036291057056b8c0a8b025c606c8a8f08eed4b466a
ssdeep: 6144:xyJE1brNNDw7AE9kgH16LGv2J4DQFu/U3buRKlemZ9DnGAeDMK3ITeaE+c:xUqNNDwpRV6LqM4DQFu/U3buRKlemZ9
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Generic.Ransom.Buhtrap.0B6888B6 also known as:

Bkav: W32.ChydoAgentLTH.Trojan
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Ransom.Buhtrap.0B6888B6
FireEye: Generic.mg.43a791cfe3e906f1
CAT-QuickHeal: Trojan.Agent
ALYac: Trojan.Ransom.VegaLocker
Cylance: Unsafe
Zillya: Trojan.Filecoder.Win32.16846
Sangfor: Malware
K7AntiVirus: Trojan ( 0055c8001 )
BitDefender: Generic.Ransom.Buhtrap.0B6888B6
K7GW: Trojan ( 0055c8001 )
CrowdStrike: win/malicious_confidence_100% (D)
Cyren: W32/Ransom.LV.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Trojan.Win32.Agent.gen
Alibaba: Ransom:Win32/generic.ali2000010
ViRobot: Trojan.Win32.C.Agent.219648.A
Tencent: Malware.Win32.Gencirc.11b126e7
Ad-Aware: Generic.Ransom.Buhtrap.0B6888B6
Emsisoft: Generic.Ransom.Buhtrap.0B6888B6 (B)
F-Secure: Trojan.TR/Redcap.xvdyg
DrWeb: Trojan.Encoder.33083
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom.Win32.ZEPPELIN.SMTH
McAfee-GW-Edition: BehavesLike.Win32.Backdoor.dh
Sophos: Mal/Generic-R + Mal/Behav-010
Ikarus: Trojan-Ransom.Buran
Jiangmin: Trojan.Agent.czww
Webroot: W32.Malware.Gen
Avira: TR/Redcap.xvdyg
eGambit: Unsafe.AI_Score_99%
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Ransom]/Win32.Buran.a
Kingsoft: Win32.Heur.KVMH017.a.(kcloud)
Microsoft: Ransom:Win32/Zeppelin.A!MSR
Gridinsoft: Ransom.Win32.Ransom.vb
Arcabit: Generic.Ransom.Buhtrap.0B6888B6
ZoneAlarm: HEUR:Trojan.Win32.Agent.gen
GData: Generic.Ransom.Buhtrap.0B6888B6
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.BuhTrap.R338445
McAfee: GenericRXKB-RP!43A791CFE3E9
VBA32: BScope.TrojanRansom.Crypmod
Malwarebytes: Ransom.Zeppelin
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Filecoder.Buran.H
TrendMicro-HouseCall: Ransom.Win32.ZEPPELIN.SMTH
Rising: Trojan.Filecoder!8.68 (TFE:5:4navaG19yqG)
Yandex: Trojan.Agent!o/I4WgH6w5A
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/Buran.H!tr.ransom
BitDefenderTheta: AI:Packer.8BFF7B911E
AVG: Win32:Malware-gen
Cybereason: malicious.fe3e90
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.74b

How to remove Generic.Ransom.Buhtrap.0B6888B6?

Generic.Ransom.Buhtrap.0B6888B6 removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.