Generic.Ransom.Enigma.9BBD503B (file analysis)

The Generic.Ransom.Enigma.9BBD503B is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Generic.Ransom.Enigma.9BBD503B virus can do?

A process attempted to delay the analysis task.
A process created a hidden window
Uses Windows utilities for basic functionality
Attempts to delete volume shadow copies
Installs itself for autorun at Windows startup
Exhibits possible ransomware file modification behavior
Attempts to interact with an Alternate Data Stream (ADS)
Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Generic.Ransom.Enigma.9BBD503B?


File Info:
crc32: 6D931973
md5: d679d43e5a0d885244ec570f77dde065
name: D679D43E5A0D885244EC570F77DDE065.mlw
sha1: 1e4fc669bf45728e87ad9a4e11266760f2be048c
sha256: fc71c64e019742b8c63a6592a892269720694c623e69ec932ab4a95018bbbc92
sha512: 55200dacf0c3e7bec3a733064cc27707522b9f0636fe5e51c8c2f083519003312f085eee21f7fd244611dd3f713180d38e95829b82989f376298a5b9f230722a
ssdeep: 6144:07UOKy0qK8X1eSa/6/QW4QS3JMfQk0slW:kUO4H8XkSa/6/uSYTslW
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Generic.Ransom.Enigma.9BBD503B also known as:

K7AntiVirus	Trojan ( 0055e3ef1 )
Lionic	Trojan.Win32.Crynigma.j!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Encoder.5384
Cynet	Malicious (score: 99)
CAT-QuickHeal	Trojan.Dynamer.S17976
ALYac	DeepScan:Generic.Ransom.Enigma.9BBD503B
Cylance	Unsafe
CrowdStrike	win/malicious_confidence_60% (D)
Alibaba	Trojan:Win32/Enigma.44682a41
K7GW	Trojan ( 0055e3ef1 )
Cybereason	malicious.e5a0d8
Cyren	W32/S-d9895c18!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Filecoder.Enigma.F
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Malware.Buho-7564755-0
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	DeepScan:Generic.Ransom.Enigma.9BBD503B
NANO-Antivirus	Trojan.Win32.Encoder.efmblc
MicroWorld-eScan	DeepScan:Generic.Ransom.Enigma.9BBD503B
Tencent	Win32.Trojan.Crynigma.Wrgj
Ad-Aware	DeepScan:Generic.Ransom.Enigma.9BBD503B
Sophos	Mal/Generic-S
Comodo	Malware@#190gu1v2uw6ho
F-Secure	Heuristic.HEUR/AGEN.1126848
BitDefenderTheta	Gen:NN.ZexaF.34110.puW@a4aqcQni
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	Artemis!Trojan
FireEye	Generic.mg.d679d43e5a0d8852
Emsisoft	DeepScan:Generic.Ransom.Enigma.9BBD503B (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.Crynigma.j
Avira	HEUR/AGEN.1126848
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan[Ransom]/Win32.Crynigma
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Ransom:Win32/Aicat.A!ml
Arcabit	DeepScan:Generic.Ransom.Enigma.9BBD503B
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	DeepScan:Generic.Ransom.Enigma.9BBD503B
AhnLab-V3	Trojan/Win32.Crynigma.C1521794
McAfee	Artemis!D679D43E5A0D
MAX	malware (ai score=86)
VBA32	Hoax.Crynigma
Malwarebytes	Generic.Malware/Suspicious
Panda	Trj/GdSda.A
Rising	Trojan.Generic@ML.100 (RDML:IiFNiv4m+XQk2XFWD1G7eQ)
Yandex	Trojan.GenAsa!9IcFrHRb5Ok
Ikarus	Trojan-Ransom.Enigma
Fortinet	W32/Generic.AP.13E0C!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Generic.Ransom.Enigma.9BBD503B?

Generic.Ransom.Enigma.9BBD503B removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Generic.Ransom.Enigma.9BBD503B (file analysis)