Generic.Ransom.KrakenB.48F9476A removal guide

Generic.Ransom.KrakenB.48F9476A is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Generic.Ransom.KrakenB.48F9476A virus do?

  • Executable code extraction
  • Creates RWX memory
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • A process created a hidden window
  • Performs some HTTP requests
  • Looks up the external IP address
  • Uses Windows utilities for basic functionality
  • Clears Windows events or logs
  • Attempts to create or modify system certificates
  • Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz
a.tomx.xyz
ipinfo.io
blasze.tk

How to determine Generic.Ransom.KrakenB.48F9476A?


File Info:

type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright:
Assembly Version: 1.2.8.9
InternalName: Main.exe
FileVersion: 1.2.8.9
CompanyName:
LegalTrademarks:
Comments:
ProductName:
ProductVersion: 1.2.8.9
FileDescription:
OriginalFilename: Main.exe

Generic.Ransom.KrakenB.48F9476A also known as:

K7AntiVirus: Riskware ( 0040eff71 )
Lionic: Trojan.MSIL.SelfDel.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.26534
Cynet: Malicious (score: 100)
ALYac: Generic.Ransom.KrakenB.48F9476A
Cylance: Unsafe
Zillya: Backdoor.PePatch.Win32.110673
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_70% (D)
Alibaba: Trojan:Win32/SelfDel.b4c3b44b
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.e662d2
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Generik.MKWGGK
APEX: Malicious
Avast: Win32:MalwareX-gen [Trj]
ClamAV: Win.Ransomware.DotNetCryptor-6959671-0
Kaspersky: HEUR:Trojan.MSIL.SelfDel.gen
BitDefender: Generic.Ransom.KrakenB.48F9476A
NANO-Antivirus: Trojan.Win32.SelfDel.fjknqi
MicroWorld-eScan: Generic.Ransom.KrakenB.48F9476A
Tencent: Msil.Trojan.Selfdel.Aheq
Ad-Aware: Generic.Ransom.KrakenB.48F9476A
Sophos: Mal/Generic-R + Mal/Krakryp-A
Comodo: Malware@#15ent1ell8f8f
BitDefenderTheta: Gen:NN.ZemsilF.34058.mq0@aummNJc
McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
FireEye: Generic.mg.784488de662d2988
Emsisoft: Generic.Ransom.KrakenB.48F9476A (B)
SentinelOne: Static AI – Malicious PE
Antiy-AVL: Trojan/MSIL.SelfDel
Microsoft: Backdoor:Win32/Bladabindi!ml
Arcabit: Generic.Ransom.KrakenB.48F9476A
ZoneAlarm: HEUR:Trojan.MSIL.SelfDel.gen
GData: Generic.Ransom.KrakenB.48F9476A
AhnLab-V3: Trojan/Win32.Genasom.C2826503
McAfee: Artemis!784488DE662D
MAX: malware (ai score=100)
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/GdSda.A
Yandex: Trojan.SelfDel!M0P2PveWV9k
Ikarus: Trojan.SuspectCRC
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/SelfDel!tr
AVG: Win32:MalwareX-gen [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Kraken.HwMAEpsA

How to remove Generic.Ransom.KrakenB.48F9476A?

Generic.Ransom.KrakenB.48F9476A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
