Generic.Ransom.HydraCrypt.F343C672 removal tips

Generic.Ransom.HydraCrypt.F343C672 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.HydraCrypt.F343C672 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (4 unique times)
  • Creates RWX memory
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Attempts to remove evidence of file being downloaded from the Internet
  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Writes a potential ransom message to disk
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Appends a known CryptFile2 ransomware file extension to files that have been encrypted
  • Creates a known CryptFile2 ransomware decryption instruction / key file.
  • Anomalous binary characteristics

Related domains:

mm.shinkendo.fr
crt.usertrust.com
ocsp.comodoca.com
ocsp.usertrust.com
crl.usertrust.com

How to identify Generic.Ransom.HydraCrypt.F343C672?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

ProductVersion: 1,2,9,4
FileDescription: OreasSofts
FileVersion: 1,2,9,4
CompanyName: SynaicosSoft, Corporation.
Translation: 0x040e 0x04e5

Generic.Ransom.HydraCrypt.F343C672 also known as:

K7AntiVirus: Trojan ( 0051ce291 )
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.6033
ALYac: DeepScan:Generic.Ransom.HydraCrypt.F343C672
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_70% (D)
K7GW: Trojan ( 0051ce291 )
Cybereason: malicious.3b58e3
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.FGQU
APEX: Malicious
Avast: FileRepMetagen [Malware]
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Spy.Win32.BitWall.vw
BitDefender: DeepScan:Generic.Ransom.HydraCrypt.F343C672
MicroWorld-eScan: DeepScan:Generic.Ransom.HydraCrypt.F343C672
Tencent: Win32.Trojan.Generic.Lnoa
Ad-Aware: DeepScan:Generic.Ransom.HydraCrypt.F343C672
Sophos: Mal/Generic-S
BitDefenderTheta: Gen:NN.ZexaF.34142.fy0@aCioUoai
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_CRYPHYDRA.SMJ
McAfee-GW-Edition: BehavesLike.Win32.Dropper.nh
FireEye: Generic.mg.ab581083b58e36dd
Emsisoft: DeepScan:Generic.Ransom.HydraCrypt.F343C672 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.bsmsq
Avira: HEUR/AGEN.1113593
Antiy-AVL: Trojan/Generic.ASMalwS.22D74E8
Microsoft: Ransom:Win32/HydraCrypt.A
GData: DeepScan:Generic.Ransom.HydraCrypt.F343C672
Acronis: suspicious
McAfee: Generic.cur
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Sabsik.FL
Malwarebytes: Malware.AI.3818972437
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_CRYPHYDRA.SMJ
Rising: Trojan.Generic@ML.80 (RDML:KHwmF84P6FIkaVm/EUMGNQ)
Yandex: Trojan.Agent!PHx5SMHquwE
Ikarus: Trojan-Downloader.Win32.Waski
Fortinet: W32/Generic.FGQU!tr
AVG: FileRepMetagen [Malware]
Paloalto: generic.ml

How to remove Generic.Ransom.HydraCrypt.F343C672?

Generic.Ransom.HydraCrypt.F343C672 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
