Generic.Ransom.GandCrab.3C0EB3FE removal instruction

Generic.Ransom.GandCrab.3C0EB3FE is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.GandCrab.3C0EB3FE virus do?

  • Executable code extraction
  • Creates RWX memory
  • Performs some HTTP requests
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Attempts to modify proxy settings

Related domains:


How to identify Generic.Ransom.GandCrab.3C0EB3FE?


File Info:

type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed

Version Info:

0: [No Data]

Generic.Ransom.GandCrab.3C0EB3FE also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Ransom.GandCrab.3C0EB3FE
FireEye: Generic.mg.c303614241fba859
McAfee: Ransom-Gandcrab!C303614241FB
Malwarebytes: Ransom.GandCrab
Zillya: Trojan.Filecoder.Win32.7540
Sangfor: Win.Ransomware.Gandcrab-6667060-0
K7AntiVirus: Trojan ( 0053d33d1 )
BitDefender: Generic.Ransom.GandCrab.3C0EB3FE
K7GW: Trojan ( 0053d33d1 )
Cybereason: malicious.241fba
BitDefenderTheta: AI:Packer.433266BC1C
Cyren: W32/S-69916e6d!Eldorado
Symantec: Ransom.GandCrab!g4
APEX: Malicious
Avast: Win32:RansomX-gen [Ransom]
ClamAV: Win.Ransomware.Gandcrab-6502432-0
Kaspersky: HEUR:Trojan.Win32.Generic
Alibaba: Ransom:Win32/GandCrab.e402d776
NANO-Antivirus: Trojan.Win32.Inject.eyyizx
Rising: Ransom.GandCrab!1.B8D6 (CLOUD)
Ad-Aware: Generic.Ransom.GandCrab.3C0EB3FE
TACHYON: Ransom/W32.GandCrab.99840.B
Sophos: ML/PE-A + Mal/Palevo-B
Comodo: Packed.Win32.MUPX.Gen@24tbus
F-Secure: Trojan.TR/Crypt.XPACK.Gen3
DrWeb: Trojan.Encoder.24384
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom.Win32.GANDCRAB.SMILB
McAfee-GW-Edition: BehavesLike.Win32.RansomGandcrab.nm
Emsisoft: Generic.Ransom.GandCrab.3C0EB3FE (B)
Ikarus: Trojan-Ransom.GandCrab
GData: Generic.Ransom.GandCrab.3C0EB3FE
Jiangmin: Trojan.Generic.bzhzc
Avira: TR/Crypt.XPACK.Gen3
Antiy-AVL: HackTool/Win32.Inject
Gridinsoft: Ransom.Win32.Filecoder.bot!s1
Arcabit: Generic.Ransom.GandCrab.3C0EB3FE
SUPERAntiSpyware: Ransom.GandCrab/Variant
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Ransom:Win32/GandCrab.E
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Gandcrab.R255229
Acronis: suspicious
VBA32: BScope.Trojan.Chapak
ALYac: Generic.Ransom.GandCrab.3C0EB3FE
MAX: malware (ai score=100)
Cylance: Unsafe
Panda: Trj/Genetic.gen
ESET-NOD32: a variant of Win32/Filecoder.GandCrab.H
TrendMicro-HouseCall: Ransom.Win32.GANDCRAB.SMILB
Tencent: Trojan.Win32.Gandcrab.e
Yandex: Trojan.GenAsa!N5wkFSylebY
SentinelOne: Static AI – Malicious PE
eGambit: Trojan.Generic
Fortinet: W32/GandCrab.B!tr.ransom
AVG: Win32:RansomX-gen [Ransom]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: Win32/Trojan.Ransom.GandCrab.AF

How to remove Generic.Ransom.GandCrab.3C0EB3FE?

Generic.Ransom.GandCrab.3C0EB3FE removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
