How to remove “Generic.Ransom.Maze.Packed.48975FE7”?

The Generic.Ransom.Maze.Packed.48975FE7 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Generic.Ransom.Maze.Packed.48975FE7 virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
CAPE detected the Maze malware family
Anomalous binary characteristics

How to determine Generic.Ransom.Maze.Packed.48975FE7?


File Info:
name: 49A389FB2C7B7F91331B.mlw
path: /opt/CAPEv2/storage/binaries/1de59d87840d41c7e779809708794ee9a9d5992f1ed113f3ede79aa6f33fd09d
crc32: 2CC00C14
md5: 49a389fb2c7b7f91331b6f495b5eaf7e
sha1: 78a28e08b2bb33fa04bafcdac701e113421e04c2
sha256: 1de59d87840d41c7e779809708794ee9a9d5992f1ed113f3ede79aa6f33fd09d
sha512: f6eea1f6c2983ad10370fe8ef29834948cebb151b5abf317d42a578059d391a45f352cf9722a04c142aca82b9fda91b03d9e34476cb42b9780012f87c6b04af8
ssdeep: 12288:4CaBWj1R434D3Ng6dNoQl+vuxoh+fSGoZG:4Aj3eIXroQfxo06HZG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11EF48D1EE6D356F5CD2BC030849B632A9D7338202B105EFB46E0C7B5DA22A56F776B05
sha3_384: 2029fac4289f20bce781bb737ee0f6b346f655b920574309e9159cbdd77ec23501d80da44c4a46834f034b75e81117b2
ep_bytes: e8abfafdffe836fafdffbb3b1b000066
timestamp: 1970-01-01 00:00:00

Version Info:
0: [No Data]

Generic.Ransom.Maze.Packed.48975FE7 also known as:

Bkav	W32.AIDetect.malware1
DrWeb	Trojan.Encoder.29783
MicroWorld-eScan	Generic.Ransom.Maze.Packed.48975FE7
FireEye	Generic.Ransom.Maze.Packed.48975FE7
ALYac	Generic.Ransom.Maze.Packed.48975FE7
Malwarebytes	Trojan.Nymaim.Generic
Zillya	Trojan.Filecoder.Win32.10770
Sangfor	Trojan.Win32.Save.a
K7GW	Trojan ( 0054eda51 )
K7AntiVirus	Trojan ( 0054eda51 )
Cyren	W32/Ransom.NC.gen!Eldorado
Symantec	Ransom.Maze
TrendMicro-HouseCall	Ransom.Win32.MAZE.SMDA
ClamAV	Win.Malware.Maze-6998740-0
BitDefender	Generic.Ransom.Maze.Packed.48975FE7
Tencent	Malware.Win32.Gencirc.10ce0af6
Ad-Aware	Generic.Ransom.Maze.Packed.48975FE7
Sophos	ML/PE-A + Troj/RansMaz-J
TrendMicro	Ransom.Win32.MAZE.SMDA
McAfee-GW-Edition	BehavesLike.Win32.Generic.bh
Emsisoft	Generic.Ransom.Maze.Packed.48975FE7 (B)
Ikarus	Trojan-Ransom.Maze
Jiangmin	Trojan.Generic.ehayr
Antiy-AVL	Trojan/Generic.ASMalwS.2CB9920
Microsoft	Trojan:Win32/Sabsik.FL.B!ml
ViRobot	Trojan.Win32.MazeRansom.373760
GData	Generic.Ransom.Maze.Packed.48975FE7
Cynet	Malicious (score: 100)
Acronis	suspicious
McAfee	GenericRXMI-AC!49A389FB2C7B
MAX	malware (ai score=87)
APEX	Malicious
Rising	Ransom.Maze!1.BE87 (CLASSIC)
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_98%
Cybereason	malicious.b2c7b7
MaxSecure	Trojan.Malware.121218.susgen

How to remove Generic.Ransom.Maze.Packed.48975FE7?

Generic.Ransom.Maze.Packed.48975FE7 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X