Categories: Ransom

About “Generic.Ransom.Hiddentear.A.56D4761C” infection

The Generic.Ransom.Hiddentear.A.56D4761C is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Generic.Ransom.Hiddentear.A.56D4761C virus can do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • CAPE detected the StormKitty malware family
  • Binary compilation timestomping detected

How to determine Generic.Ransom.Hiddentear.A.56D4761C?



File Info:

name: A3295052BC7FD9E663A3.mlwpath: /opt/CAPEv2/storage/binaries/2c2a1a9c7e980851fb72a962411a1881e2c826a8c17383803e9d9ba2e6dea691crc32: 38A250F0md5: a3295052bc7fd9e663a32e8faeb83e01sha1: 5fd5dc4f9f66b8eaa8d18d5ee366960c858b7834sha256: 2c2a1a9c7e980851fb72a962411a1881e2c826a8c17383803e9d9ba2e6dea691sha512: 95384f823862dc0d034b67f7a30419ee09bcf4899d886826a07982c3ad843cb11caeecfffbc3eba5c712f83ffc54f473d7743e561b1e2da6784dd9f3cc71675assdeep: 6144:qeZKNlWc/gqXKq8+RigIWU+Ydm0UAN0kEma9bm:JZKNlWcBaq8+RnWm0UANvEmtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1BB545B1437EC4B26E2FE5FB9E4B1112583B1B463752EDB8F5C9A28EE1D523809510BB3sha3_384: abd14cccecc461a1838dbd3405a36c0af967d9005042f97133c266d6d72c6c794e3875d334dc837d5ab09a3eeb246abdep_bytes: ff250020400000000000000000000000timestamp: 2048-01-28 02:14:53

Version Info:

Comments: I am not responsible for all your actions, the program is designed to test for PC vulnerabilitiesCompanyName: © DarkBlood Malware projectFileDescription: Virus software stealer for stealing accounts, wallets, etc.FileVersion: 1.0.0.0InternalName: DarkStealer.exeLegalCopyright: Copyright DarkBlood Malware ©  2021LegalTrademarks: DarkBloodOriginalFilename: DarkStealer.exeProductName: DarkStealerProductVersion: 1.1.0.0Assembly Version: 1.1.0.0Translation: 0x0000 0x04b0

Generic.Ransom.Hiddentear.A.56D4761C also known as:

Bkav W32.AIDetectNet.01
Lionic Trojan.MSIL.Shelpak.4!c
MicroWorld-eScan Generic.Ransom.Hiddentear.A.56D4761C
FireEye Generic.mg.a3295052bc7fd9e6
CAT-QuickHeal Trojan.YakbeexMSIL.ZZ4
ALYac Generic.Ransom.Hiddentear.A.56D4761C
Cylance Unsafe
Sangfor Suspicious.Win32.Save.a
K7AntiVirus Password-Stealer ( 0056c3751 )
Alibaba Trojan:MSIL/CryptInject.415cb35d
K7GW Password-Stealer ( 0056c3751 )
Cybereason malicious.2bc7fd
BitDefenderTheta Gen:NN.ZemsilF.34806.sm0@ayNv8Em
Cyren W32/Stealer.AK.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of MSIL/PSW.Agent.RXP
APEX Malicious
Paloalto generic.ml
Kaspersky HEUR:Trojan.MSIL.Shelpak.gen
BitDefender Generic.Ransom.Hiddentear.A.56D4761C
Avast Win32:KeyloggerX-gen [Trj]
Tencent Win32.Trojan.Generic.Ljjt
Ad-Aware Generic.Ransom.Hiddentear.A.56D4761C
Emsisoft Generic.Ransom.Hiddentear.A.56D4761C (B)
DrWeb Trojan.PWS.StealerNET.74
VIPRE Generic.Ransom.Hiddentear.A.56D4761C
McAfee-GW-Edition Fareit-FWC!A3295052BC7F
Sophos Mal/Generic-S
Ikarus Trojan-Spy.Echelon
Jiangmin Trojan.MSIL.aluhv
Avira HEUR/AGEN.1247913
Antiy-AVL Trojan/Generic.ASMalwS.33C
Microsoft Trojan:MSIL/CryptInject!MTB
ViRobot Trojan.Win32.S.Formbook.294912
ZoneAlarm HEUR:Trojan.MSIL.Shelpak.gen
GData Generic.Ransom.Hiddentear.A.56D4761C
Cynet Malicious (score: 100)
AhnLab-V3 Trojan/Win32.RL_Formbook.C4262574
Acronis suspicious
McAfee Fareit-FWC!A3295052BC7F
MAX malware (ai score=100)
VBA32 Trojan.MSIL.Shelpak
Malwarebytes Spyware.AgentTesla.Generic
Rising Stealer.Agent!1.D483 (CLASSIC)
Yandex Trojan.Shelpak!3ygUXk3TYsk
SentinelOne Static AI – Malicious PE
MaxSecure Trojan.Malware.103650238.susgen
Fortinet MSIL/Agent.RXP!tr.pws
AVG Win32:KeyloggerX-gen [Trj]
Panda Trj/GdSda.A
CrowdStrike win/malicious_confidence_100% (W)

How to remove Generic.Ransom.Hiddentear.A.56D4761C?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: DarkStealer.exeGeneric.Ransom.Hiddentear.A.56D4761C
2 years ago

Recent Posts

Win32/GenKryptik.GHKI removal

The Win32/GenKryptik.GHKI is considered dangerous by lots of security experts. When this infection is active,…

35 mins ago

About “Malware.AI.1748864991” infection

The Malware.AI.1748864991 is considered dangerous by lots of security experts. When this infection is active,…

1 hour ago

HackTool.MetaSploit removal tips

The HackTool.MetaSploit is considered dangerous by lots of security experts. When this infection is active,…

1 hour ago

What is “Malware.AI.4145117540”?

The Malware.AI.4145117540 is considered dangerous by lots of security experts. When this infection is active,…

1 hour ago

Trojan.Dropper.VPA malicious file

The Trojan.Dropper.VPA is considered dangerous by lots of security experts. When this infection is active,…

1 hour ago

Malware.AI.1545899637 malicious file

The Malware.AI.1545899637 is considered dangerous by lots of security experts. When this infection is active,…

1 hour ago