Generic.Ransom.FileCryptor.DDS removal

Generic.Ransom.FileCryptor.DDS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.FileCryptor.DDS virus do?

  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the Nitro malware family
  • Binary compilation timestomping detected

How to determine Generic.Ransom.FileCryptor.DDS?


File Info:

name: E59C087E7D76FC0B4410.mlw
path: /opt/CAPEv2/storage/binaries/0a3fe6221f0c48b938a5509b993891bd7076aa9cca0ed1071b89fba3ac2b6702
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2049-07-01 19:12:39

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: NitroRansomware
FileVersion: 1.0.0.0
InternalName: NitroRansomware.exe
LegalCopyright: Copyright © 2021
LegalTrademarks:
OriginalFilename: NitroRansomware.exe
ProductName: NitroRansomware
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Generic.Ransom.FileCryptor.DDS also known as:

Bkav: W32.AIDetectNet.01
MicroWorld-eScan: IL:Trojan.MSILZilla.19713
ClamAV: Win.Ransomware.Ransomx-9863383-0
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
ALYac: IL:Trojan.MSILZilla.19713
VIPRE: IL:Trojan.MSILZilla.19713
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0057ab121 )
K7GW: Trojan ( 0057ab121 )
Cybereason: malicious.e7d76f
VirIT: Trojan.Win32.Encoder.BYCN
Cyren: W32/Nitro.A.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Filecoder.AHT
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Ransom.Win32.Generic
BitDefender: IL:Trojan.MSILZilla.19713
Avast: Win32:RansomX-gen [Ransom]
Tencent: Trojan.Win32.Agent.zi
Ad-Aware: IL:Trojan.MSILZilla.19713
Emsisoft: IL:Trojan.MSILZilla.19713 (B)
DrWeb: Trojan.Encoder.33865
TrendMicro: Ransom.MSIL.NITRO.SMA
McAfee-GW-Edition: Ransom-Nitro!E59C087E7D76
FireEye: Generic.mg.e59c087e7d76fc0b
Sophos: Troj/Nitro-Gen
Ikarus: Gen.Ransom
Avira: HEUR/AGEN.1232324
MAX: malware (ai score=89)
Microsoft: Ransom:MSIL/Nitro.MK!MTB
Arcabit: IL:Trojan.MSILZilla.D4D01
GData: MSIL.Trojan-Stealer.AnarchyGrabber.C
Google: Detected
AhnLab-V3: Ransomware/Win.Nitro.R513732
Acronis: suspicious
McAfee: Ransom-Nitro!E59C087E7D76
TACHYON: Ransom/W32.DN-Nitro.62976
VBA32: Ransom.MSIL.Nitro.Heur
Malwarebytes: Generic.Ransom.FileCryptor.DDS
Rising: Trojan.Generic/MSIL@AI.100 (RDM.MSIL:NHes7PoGjbyZSVlLO6XZFQ)
SentinelOne: Static AI – Malicious PE
Fortinet: MSIL/Filecoder.43CF!tr.ransom
BitDefenderTheta: Gen:NN.ZemsilF.34796.dm0@aCPypGm
AVG: Win32:RansomX-gen [Ransom]
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_90% (D)

How to remove Generic.Ransom.FileCryptor.DDS?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
