About “Generic.Ransom.GandCrab4.EA6CC57F” infection

The Generic.Ransom.GandCrab4.EA6CC57F is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.Ransom.GandCrab4.EA6CC57F virus can do?

Sample contains Overlay data
Authenticode signature is invalid
CAPE detected the Gandcrab malware family

How to determine Generic.Ransom.GandCrab4.EA6CC57F?


File Info:
name: CBABF3F840D9119F6592.mlw
path: /opt/CAPEv2/storage/binaries/e6048e13c7f6a57b7c196912e1edf118334ea3e1f7ae40dc80566ce0e3138039
crc32: 1B10F395
md5: cbabf3f840d9119f6592503bb38ffc38
sha1: aa931eddd6d6df55f27608ad7c64ad14ed63405f
sha256: e6048e13c7f6a57b7c196912e1edf118334ea3e1f7ae40dc80566ce0e3138039
sha512: 760451c64651b993d89e92fd070fade12a6d033584139474a2674aa91d5f65e1816b51f73115e60456898d42d0675c42e121f5631a8f75d03563196c9285d3b2
ssdeep: 3072:ymjbWaMAvx2WSisuBiZ67CiIjqC1BNH50fdt:ymvB2WiViI2oQfb
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14E342901B2D58526D063B231E1E1AEE05ED9BAB1BE3D550F63F8038D19D4CB16D26F8B
sha3_384: 2cf875ad0f7cdf13113e66b3275edd2ec9f335c7d99a4e1550afc3879d29f1868947947f04ad48e0634df4f770ee3dd7
ep_bytes: d86a6358668945da6a6d58668945dc6a
timestamp: 2018-10-03 11:18:06

Version Info:
0: [No Data]

Generic.Ransom.GandCrab4.EA6CC57F also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Generic.Ransom.GandCrab4.EA6CC57F
ClamAV	Win.Ransomware.Gandcrab-9764464-0
FireEye	Generic.mg.cbabf3f840d9119f
CAT-QuickHeal	Ransom.Gandcrab
McAfee	GenericRXAA-FA!CBABF3F840D9
Malwarebytes	Generic.Malware.AI.DDS
Sangfor	Ransom.Win32.Gandcrab_8.se
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.dd6d6d
BitDefenderTheta	Gen:NN.ZexaF.36722.puZ@aCoel6m
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Cynet	Malicious (score: 100)
BitDefender	Generic.Ransom.GandCrab4.EA6CC57F
Avast	Win32:Malware-gen
Tencent	Trojan-Ransom.Win32.Gandcrab.16000557
Emsisoft	Generic.Ransom.GandCrab4.EA6CC57F (B)
VIPRE	Generic.Ransom.GandCrab4.EA6CC57F
TrendMicro	Ransom.Win32.GANDCRAB.SM1
McAfee-GW-Edition	BehavesLike.Win32.Generic.dm
Sophos	Generic ML PUA (PUA)
SentinelOne	Static AI – Malicious PE
GData	Generic.Ransom.GandCrab4.EA6CC57F
Antiy-AVL	Trojan[Ransom]/Win32.GandCrypt.a
Arcabit	Generic.Ransom.GandCrab4.EA6CC57F
Microsoft	Ransom:Win32/GandCrab.SK!MTB
Google	Detected
AhnLab-V3	Trojan/Win32.Gandcrab.R254874
VBA32	TScope.Malware-Cryptor.SB
ALYac	Generic.Ransom.GandCrab4.EA6CC57F
MAX	malware (ai score=85)
Cylance	unsafe
Panda	Trj/CI.A
TrendMicro-HouseCall	Ransom.Win32.GANDCRAB.SM1
Rising	Ransom.GandCrab!1.B42B (CLASSIC)
Ikarus	Trojan-Ransom.GandCrab
MaxSecure	Trojan.Malware.105197948.susgen
Fortinet	W32/GandCrab.FC94!tr
AVG	Win32:Malware-gen
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Generic.Ransom.GandCrab4.EA6CC57F?

Generic.Ransom.GandCrab4.EA6CC57F removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X