Generic.Ransom.Buhtrap.92F08575 removal instructions

Generic.Ransom.Buhtrap.92F08575 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.Buhtrap.92F08575 virus do?

  • Attempts to connect to a dead IP:Port (3 unique times)
  • Possible date expiration check, exits too soon after checking local time
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Installs itself for autorun at Windows startup

Related domains:

geoiptool.com
www.geodatatool.com
ocsp.comodoca.com
ocsp.usertrust.com
crl.usertrust.com

How to identify Generic.Ransom.Buhtrap.92F08575?

File Info:

crc32: AFE0133C
md5: 8a66769ca518b03edbbf122b92469714
name: 8A66769CA518B03EDBBF122B92469714.mlw
sha1: 00357e5f13cc76687546f7f250f5de13556b1611
sha256: cdeb7c9d8a737dc03c7bc81d99b72d253dc5d61f67c0796309a8285a36c73775
sha512: ace377b47d74a4fc6b837a094981c66785329d31719755002cfb9d57604b4fec0e69bacfeb70103e0dd995fde5c5fd25782dc1cfe73be9d2bc5a0ffe295c6da4
ssdeep: 6144:IyJE1yd7WKJmcyf8yGw44DQFu/U3buRKlemZ9DnGAeKMTHAoV+:IU/d7Wvv0yGP4DQFu/U3buRKlemZ9Dn
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Generic.Ransom.Buhtrap.92F08575 also known as:

Vendor                 Detection name
Bkav                   W32.AIDetect.malware2
K7AntiVirus            Trojan ( 0055c8001 )
Elastic                malicious (high confidence)
DrWeb                  DLOADER.Trojan
Cynet                  Malicious (score: 100)
CAT-QuickHeal          Trojan.AgentIH.S18008568
ALYac                  Generic.Ransom.Buhtrap.92F08575
Cylance                Unsafe
Sangfor                Trojan.Win32.Save.a
CrowdStrike            win/malicious_confidence_80% (D)
K7GW                   Trojan ( 0055c8001 )
Cybereason             malicious.ca518b
Cyren                  W32/Ransom.LV.gen!Eldorado
ESET-NOD32             a variant of Win32/Filecoder.Buran.J
APEX                   Malicious
Avast                  Win32:Trojan-gen
Kaspersky              HEUR:Trojan.Win32.Agent.gen
BitDefender            Generic.Ransom.Buhtrap.92F08575
MicroWorld-eScan       Generic.Ransom.Buhtrap.92F08575
Ad-Aware               Generic.Ransom.Buhtrap.92F08575
Sophos                 ML/PE-A + Mal/Behav-010
BitDefenderTheta       AI:Packer.C1E8DBCC1F
TrendMicro             Ransom.Win32.ZEPPELIN.SMTH
McAfee-GW-Edition      BehavesLike.Win32.ExploitMydoom.dh
FireEye                Generic.mg.8a66769ca518b03e
Emsisoft               Generic.Ransom.Buhtrap.92F08575 (B)
SentinelOne            Static AI – Malicious PE
Avira                  HEUR/Malware
Antiy-AVL              Trojan/Generic.ASCommon.195
Microsoft              Ransom:Win32/Zeppelin.A!MSR
Arcabit                Generic.Ransom.Buhtrap.92F08575
GData                  Generic.Ransom.Buhtrap.92F08575
AhnLab-V3              Trojan/Win32.BuhTrap.R338445
McAfee                 GenericRXPF-LP!8A66769CA518
MAX                    malware (ai score=85)
VBA32                  BScope.TrojanRansom.Crypmod
Malwarebytes           Ransom.Zeppelin
Panda                  Trj/GdSda.A
TrendMicro-HouseCall   Ransom.Win32.ZEPPELIN.SMTH
Rising                 Ransom.Zeppelin!1.D4C1 (CLASSIC)
Yandex                 Trojan.GenAsa!CxfKQU+AivY
Ikarus                 Trojan-Ransom.Buran
MaxSecure              Trojan.Malware.300983.susgen
Fortinet               W32/Buran.H!tr.ransom
AVG                    Win32:Trojan-gen
Qihoo-360              HEUR/QVM05.1.8E67.Malware.Gen

How to remove Generic.Ransom.Buhtrap.92F08575?

Generic.Ransom.Buhtrap.92F08575 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
