
What is “Generic.Ransom.CryLock.1271E56A”?


Generic.Ransom.CryLock.1271E56A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.CryLock.1271E56A virus do?

  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Unconventional language used in binary resources: Russian
  • Writes a potential ransom message to disk
  • Anomalous binary characteristics

How to identify Generic.Ransom.CryLock.1271E56A?


File Info:

name: upload_file
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Generic.Ransom.CryLock.1271E56A also known as:

Qihoo-360             Generic/Trojan.c63
McAfee                GenericRXLG-QQ!823AE67E74FD
Cylance               Unsafe
AegisLab              Trojan.Win32.Cryakl.j!c
Sangfor               Malware
K7AntiVirus           Trojan ( 004c1e461 )
BitDefender           DeepScan:Generic.Ransom.CryLock.1271E56A
K7GW                  Trojan ( 004c1e461 )
Cybereason            malicious.d4a00f
Arcabit               DeepScan:Generic.Ransom.CryLock.1271E56A
Invincea              Mal/Generic-R + Mal/Delf-CL
Cyren                 W32/Filecoder.U.gen!Eldorado
Symantec              ML.Attribute.HighConfidence
ESET-NOD32            a variant of Win32/Filecoder.EQ
APEX                  Malicious
Cynet                 Malicious (score: 85)
Kaspersky             HEUR:Trojan-Ransom.Win32.Cryakl.gen
Alibaba               Ransom:Win32/FileCryptor.ea19adf2
NANO-Antivirus        Trojan.Win32.Encoder.hljpwf
MicroWorld-eScan      DeepScan:Generic.Ransom.CryLock.1271E56A
Rising                Ransom.CryLock!1.C7BA (CLASSIC)
Ad-Aware              DeepScan:Generic.Ransom.CryLock.1271E56A
Emsisoft              DeepScan:Generic.Ransom.CryLock.1271E56A (B)
Comodo                Malware@#3v9amm8sdesj3
F-Secure              Trojan.TR/FileCoder.dtrps
DrWeb                 Trojan.Encoder.567
Zillya                Trojan.Filecoder.Win32.15068
TrendMicro            Ransom_FileCryptor.R002C0DGH20
McAfee-GW-Edition     BehavesLike.Win32.Rootkit.jh
FireEye               Generic.mg.823ae67e74fd9e95
Sophos                Mal/Delf-CL
Avira                 TR/FileCoder.dtrps
MAX                   malware (ai score=100)
Antiy-AVL             Trojan[Ransom]/Win32.Cryakl
Microsoft             Ransom:Win32/FileCryptor.K!MTB
ViRobot               Trojan.Win32.Z.Filecoder.681984
ZoneAlarm             HEUR:Trojan-Ransom.Win32.Cryakl.gen
GData                 DeepScan:Generic.Ransom.CryLock.1271E56A
AhnLab-V3             Malware/Win32.Generic.C4093781
BitDefenderTheta      Gen:NN.ZelphiF.34570.PGW@aOgCwKbc
ALYac                 Trojan.Ransom.Cryakl
VBA32                 TScope.Trojan.Delf
Panda                 Trj/GdSda.A
TrendMicro-HouseCall  Ransom_FileCryptor.R002C0DGH20
Yandex                Trojan.Filecoder!neSeGMyGhSg
Ikarus                Trojan-Ransom.FileCrypter
eGambit               Unsafe.AI_Score_99%
Fortinet              W32/Filecoder.EQ!tr.ransom
AVG                   Win32:Trojan-gen
Avast                 Win32:Trojan-gen
CrowdStrike           win/malicious_confidence_100% (W)

How to remove Generic.Ransom.CryLock.1271E56A?

Generic.Ransom.CryLock.1271E56A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
