About “Generic.Ransom.HydraCrypt.4435BF8A” infection

The Generic.Ransom.HydraCrypt.4435BF8A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.Ransom.HydraCrypt.4435BF8A virus can do?

At least one process apparently crashed during execution
Yara rule detections observed from a process memory dump/dropped files/CAPE
Authenticode signature is invalid

How to determine Generic.Ransom.HydraCrypt.4435BF8A?


File Info:
name: 67E45F4316009387D44B.mlw
path: /opt/CAPEv2/storage/binaries/335977c72fc2de26a9414c0e8bf05e52df52ba4f98a809cbf13161366c8feb2e
crc32: 0F2FF9A6
md5: 67e45f4316009387d44b9f06cd13d775
sha1: 85dbd24222495b61116d6a84140c5cb2bc54d30b
sha256: 335977c72fc2de26a9414c0e8bf05e52df52ba4f98a809cbf13161366c8feb2e
sha512: c69168b306e58770d0ae3f0cd46f8f3854a6fdcdc09343a6230dba8b8bf396820194a0207c9e517ee37fb2f9b94e9da0197fde0fee437a84c6b3a8a49ec785d9
ssdeep: 3072:ymrhd5U1eigWcR+uiUg6p4FLlG4tlLJz+mmCeHFZjoHEo3m:yEd5+IZiZhLlG41immCo
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1EC44D5669CD3912DF3DB25788000DB7CB8A76E1095361F7BB684F8EC28367E4CA6511E
sha3_384: 4717a69d5b518f8524011f3759d6b1ae2c799c4089fb74787ee4d524824377487224b63bfb9fd92c1808a7d669663428
ep_bytes: 741a33c98b4424148a4c3e028d740e04
timestamp: 2009-07-13 23:19:35

Version Info:
0: [No Data]

Generic.Ransom.HydraCrypt.4435BF8A also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Win32.Wanna.u!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Generic.Ransom.HydraCrypt.4435BF8A
FireEye	Generic.mg.67e45f4316009387
CAT-QuickHeal	Ransom.Zenshirsh.SL8
ALYac	Generic.Ransom.HydraCrypt.4435BF8A
Cylance	Unsafe
Zillya	Trojan.Wanna.Win32.68
Sangfor	Ransom.Win32.Wannacryptor_7.se2
K7AntiVirus	Riskware ( 0040eff71 )
K7GW	Riskware ( 0040eff71 )
CrowdStrike	win/malicious_confidence_100% (W)
Cyren	W32/FraudLoad.F32_DET!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Generik.GSGJHSE
APEX	Malicious
Avast	Win32:WanaCry-A [Trj]
ClamAV	Win.Ransomware.WannaCry-6313787-0
Kaspersky	Trojan-Ransom.Win32.Wanna.ardg
BitDefender	Generic.Ransom.HydraCrypt.4435BF8A
Ad-Aware	Generic.Ransom.HydraCrypt.4435BF8A
DrWeb	Trojan.Encoder.11432
TrendMicro	Ransom_WCRY.SM
McAfee-GW-Edition	GenericRXCU-BN!67E45F431600
Emsisoft	Generic.Ransom.HydraCrypt.4435BF8A (B)
GData	Win32.Trojan-Ransom.WannaCry.E
Avira	TR/WannaCrypt.llbmn
Antiy-AVL	Trojan/Generic.ASMalwS.21D4724
Microsoft	Ransom:Win32/WannaCrypt.A!rsm
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.WannaCryptor.C1953389
McAfee	GenericRXCU-BN!67E45F431600
MAX	malware (ai score=80)
VBA32	TrojanRansom.Wanna
Malwarebytes	Malware.AI.1250948614
TrendMicro-HouseCall	Ransom_WCRY.SM
Rising	Ransom.WanaCrypt!1.AAEB (CLASSIC)
SentinelOne	Static AI – Suspicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Wanna.ALXD!tr.ransom
BitDefenderTheta	Gen:NN.ZexaF.34062.pqX@a0wsn8b
AVG	Win32:WanaCry-A [Trj]
Cybereason	malicious.316009
Panda	Trj/CI.A

How to remove Generic.Ransom.HydraCrypt.4435BF8A?

Generic.Ransom.HydraCrypt.4435BF8A removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X