Generic.Ransom.Hermes.B6F1E974 (file analysis)

Generic.Ransom.Hermes.B6F1E974 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.Hermes.B6F1E974 virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • A process created a hidden window
  • The executable is compressed using UPX
  • Uses Windows utilities for basic functionality
  • Attempts to stop active services
  • Exhibits possible ransomware file modification behavior
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Generic.Ransom.Hermes.B6F1E974?

File Info:

crc32: 5AE18D45
md5: 7c10cbeef49f0419899d8024be4abc47
name: 7C10CBEEF49F0419899D8024BE4ABC47.mlw
sha1: ac804313c2457bb45e53acfb21155ff916356d78
sha256: d839eeaa5022351b31e99af5fe8e51d82820545fc0caddc417fe387f9989a24c
sha512: d9573699e4a683ee912343e5c78f1fe7e9307865b6bf0faab32c170cf0b000f5b208d15264bf7cb43750d713f11bd156a71f67e75d3409a66caab6ebc26f1424
ssdeep: 3072:NrGT7pglo+CacUZak3weUScI/MztVhjYDxH:ZGTuJcUEkc4
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, UPX compressed

Version Info:

0: [No Data]

Generic.Ransom.Hermes.B6F1E974 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005505341 )
Lionic: Trojan.Win32.Ryuk.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.10700
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.GenericRI.S16459587
ALYac: Trojan.Ransom.Ryuk
Cylance: Unsafe
Zillya: Trojan.Generic.Win32.882109
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Ryuk.ali1020007
K7GW: Trojan ( 005505341 )
Cybereason: malicious.ef49f0
Cyren: W32/Ransom.AMGB-2408
ESET-NOD32: a variant of Win32/Filecoder.Ryuk.D
Avast: Win32:RansomX-gen [Ransom]
ClamAV: Win.Ransomware.Ryuk-9859740-0
Kaspersky: HEUR:Trojan-Ransom.Win32.Cryptor.gen
BitDefender: DeepScan:Generic.Ransom.Hermes.B6F1E974
NANO-Antivirus: Trojan.Win32.Filecoder.fsqyip
MicroWorld-eScan: DeepScan:Generic.Ransom.Hermes.B6F1E974
Tencent: Win32.Trojan.Cryptor.Ahoi
Ad-Aware: DeepScan:Generic.Ransom.Hermes.B6F1E974
Sophos: Mal/Generic-R + Troj/Ryuk-F
Comodo: Packed.Win32.MUPX.Gen@24tbus
BitDefenderTheta: AI:Packer.01AD36611E
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_Ryuk.R002C0DG921
McAfee-GW-Edition: BehavesLike.Win32.Generic.dt
FireEye: Generic.mg.7c10cbeef49f0419
Emsisoft: DeepScan:Generic.Ransom.Hermes.B6F1E974 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Invader.cew
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.2BFF79E
Microsoft: Ransom:Win32/Ryuk.DB!MTB
Arcabit: DeepScan:Generic.Ransom.Hermes.B6F1E974
GData: DeepScan:Generic.Ransom.Hermes.B6F1E974
AhnLab-V3: Malware/Win32.Generic.C4220966
Acronis: suspicious
McAfee: GenericRXHX-KG!7C10CBEEF49F
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Invader
Malwarebytes: Ransom.Ryuk
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_Ryuk.R002C0DG921
Rising: Ransom.Ryuk!1.B855 (CLASSIC)
Yandex: Trojan.Filecoder!zAMeA34JzSE
Ikarus: Trojan-Ransom.Ryuk
MaxSecure: Trojan.Malware.73657187.susgen
Fortinet: W32/Ryuk.MTB!tr.ransom
AVG: Win32:RansomX-gen [Ransom]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Ryuk.HwoCVHwA

How to remove Generic.Ransom.Hermes.B6F1E974?

Generic.Ransom.Hermes.B6F1E974 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
