About "Generic.Ransom.Sodinokibi.FE9FF902 (B)" infection

The Generic.Ransom.Sodinokibi.FE9FF902 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Generic.Ransom.Sodinokibi.FE9FF902 (B) virus can do?

Executable code extraction
Creates RWX memory
A process attempted to delay the analysis task.
A process created a hidden window
A scripting utility was executed
Attempts to stop active services
Installs itself for autorun at Windows startup
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Generic.Ransom.Sodinokibi.FE9FF902 (B)?


File Info:
crc32: F24099F6
md5: e9fc1bb19a3765d82f778e88f82593c1
name: tmp55rk976g
sha1: 792e99fd481616525c1b6f3f9835e8e24c0f4684
sha256: 07346bb5f71e3c67a9ffd1b0d9602452f044b9262b468b6ed055f6548f26327a
sha512: 5730d2e249e03f415096df4d1291aae3f62320c11614d5bd9c3db28ec5291e3fc392d7cc5a2bea0f89f4af8c3922a30cb38e42cb27b8516c786276757a4046fa
ssdeep: 1536:ck8UL5PbQCu5Nn/HDM5Oo0mjSpUCBMdqICS4AeNf1Wcr/1OOIZSHrjW4qDPjxPh:eVvpXmjmYdJ4Z1gYrBqDrhhsb
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Generic.Ransom.Sodinokibi.FE9FF902 (B) also known as:

MicroWorld-eScan	DeepScan:Generic.Ransom.Sodinokibi.FE9FF902
FireEye	Generic.mg.e9fc1bb19a3765d8
McAfee	Ransom-Sodnkibi!E9FC1BB19A37
Cylance	Unsafe
AegisLab	Trojan.Win32.Gen.j!c
K7AntiVirus	Trojan ( 0054d99c1 )
BitDefender	DeepScan:Generic.Ransom.Sodinokibi.FE9FF902
K7GW	Trojan ( 0054d99c1 )
Cybereason	malicious.19a376
TrendMicro	Ransom.Win32.SODINOKIB.SMTH
BitDefenderTheta	AI:Packer.59A870CF1E
Cyren	W32/Kryptik.AKW.gen!Eldorado
Symantec	Ransom.Sodinokibi
APEX	Malicious
Paloalto	generic.ml
ClamAV	Win.Ransomware.Sodinokibi-7013612-0
GData	DeepScan:Generic.Ransom.Sodinokibi.FE9FF902
Kaspersky	HEUR:Trojan-Ransom.Win32.Gen.gen
Alibaba	Ransom:Win32/generic.ali2000010
NANO-Antivirus	Virus.Win32.Gen.ccmw
ViRobot	Trojan.Win32.Z.Sodinokibi.118272.BS
Rising	Ransom.Sodin!8.10CD8 (CLOUD)
Ad-Aware	DeepScan:Generic.Ransom.Sodinokibi.FE9FF902
Sophos	Mal/Generic-S
Comodo	Malware@#2d8sggs686rfg
F-Secure	Trojan.TR/Crypt.XPACK.Gen
DrWeb	Trojan.Encoder.28004
Zillya	Trojan.Filecoder.Win32.14505
Invincea	heuristic
Trapmine	suspicious.low.ml.score
Emsisoft	DeepScan:Generic.Ransom.Sodinokibi.FE9FF902 (B)
Ikarus	Trojan-Ransom.Sodinokibi
F-Prot	W32/Kryptik.AKW.gen!Eldorado
Avira	TR/Crypt.XPACK.Gen
MAX	malware (ai score=82)
Antiy-AVL	Trojan[Ransom]/Win32.Gen
Endgame	malicious (high confidence)
Arcabit	DeepScan:Generic.Ransom.Sodinokibi.FE9FF902
ZoneAlarm	HEUR:Trojan-Ransom.Win32.Gen.gen
Microsoft	Ransom:Win32/Sodinokibi.DSB!MTB
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.RL_Ransom.R290570
Acronis	suspicious
ALYac	Trojan.Ransom.Sodinokibi
VBA32	BScope.Trojan.DelShad
Malwarebytes	Ransom.Sodinokibi
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/Filecoder.Sodinokibi.B
TrendMicro-HouseCall	Ransom.Win32.SODINOKIB.SMTH
Tencent	Malware.Win32.Gencirc.10cdd51f
Yandex	Trojan.Filecoder!D4ko3vclm2c
SentinelOne	DFI – Malicious PE
Fortinet	W32/Sodinokibi.B!tr.ransom
AVG	Win32:Malware-gen
Avast	Win32:Malware-gen
CrowdStrike	win/malicious_confidence_90% (W)
Qihoo-360	HEUR/QVM20.1.269C.Malware.Gen

How to remove Generic.Ransom.Sodinokibi.FE9FF902 (B)?

Generic.Ransom.Sodinokibi.FE9FF902 (B) removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “Generic.Ransom.Sodinokibi.FE9FF902 (B)” infection