Generic.Ransom.Locked.767B115C (file analysis)

The Generic.Ransom.Locked.767B115C is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.Ransom.Locked.767B115C virus can do?

Reads data out of its own binary image
Attempts to modify desktop wallpaper
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Generic.Ransom.Locked.767B115C?


File Info:
crc32: C6A30974
md5: 4b765609376e9913991ebd889ea8fb95
name: 4B765609376E9913991EBD889EA8FB95.mlw
sha1: 88ce14095fed9f962cf589eca80c21484b2c287c
sha256: 81fc8656527634d3587aec4d5ca571aca238bdf10c44425baccb97f9b61b293b
sha512: 5f965a7ecabcc8c73210acbc8bbe5584caff7528e52e433cbd08c43a4fbca278ba347bdf45e8a6eaa9699ab20fccb66297848822a61a45ce811ad3116b3e8c1e
ssdeep: 12288:WhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4asV7:GRmJkcoQricOIQxiZY1iasV7
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
CompiledScript: AutoIt v3 Script: 3, 3, 8, 1
FileVersion: 3, 3, 8, 1
FileDescription: 
Translation: 0x0809 0x04b0

Generic.Ransom.Locked.767B115C also known as:

Bkav	W32.AIDetect.malware2
ClamAV	Win.Malware.Autoit-6992337-0
McAfee	Dropper-AutoIt.o
Malwarebytes	Trojan.Injector.AutoIt.Generic
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 0055e3fd1 )
BitDefender	Generic.Ransom.Locked.767B115C
K7GW	Trojan ( 0055e3fd1 )
CrowdStrike	win/malicious_confidence_80% (D)
Arcabit	Generic.Ransom.Locked.767B115C
Symantec	Ransom.Cryptolocker
ESET-NOD32	a variant of Win32/Filecoder.Crypt888.B
APEX	Malicious
Cynet	Malicious (score: 85)
Kaspersky	HEUR:Trojan-Ransom.Script.Encoder.gen
MicroWorld-eScan	Generic.Ransom.Locked.767B115C
Ad-Aware	Generic.Ransom.Locked.767B115C
Comodo	TrojWare.Win32.Injector.EUXI@4yxp37
F-Secure	Heuristic.HEUR/AGEN.1110296
DrWeb	Trojan.Encoder.24597
TrendMicro	Ransom.AutoIt.CRYPTEIGHT.SMTH
McAfee-GW-Edition	BehavesLike.Win32.Comame.bh
FireEye	Generic.Ransom.Locked.767B115C
Emsisoft	Generic.Ransom.Locked.767B115C (B)
Jiangmin	Trojan.Encoder.d
Avira	HEUR/AGEN.1110296
Antiy-AVL	Trojan[Ransom]/Win32.AutoItLock.a
Microsoft	Ransom:Win32/Pocrimcrypt.A
ZoneAlarm	HEUR:Trojan-Ransom.Script.Encoder.gen
GData	Generic.Ransom.Locked.767B115C (2x)
ALYac	Generic.Ransom.Locked.767B115C
MAX	malware (ai score=88)
Cylance	Unsafe
TrendMicro-HouseCall	Ransom.AutoIt.CRYPTEIGHT.SMTH
Rising	Ransom.Crypt888/Autoit!1.C27B (CLASSIC)
Ikarus	Trojan-Ransom.Crypt888
MaxSecure	Trojan.Autoit.AZA
Fortinet	W32/Filecoder.DYB!tr
BitDefenderTheta	AI:Packer.E19D7A3317
AVG	AutoIt:Ransom-L [Trj]
Avast	AutoIt:Ransom-L [Trj]
Qihoo-360	HEUR/QVM10.1.9CFA.Malware.Gen

How to remove Generic.Ransom.Locked.767B115C?

Generic.Ransom.Locked.767B115C removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X