Generic.Ransom.Stampado.F477C03A (file analysis)

Generic.Ransom.Stampado.F477C03A is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.Ransom.Stampado.F477C03A virus do?

  • Creates RWX memory
  • Sniffs keystrokes
  • Exhibits behavior characteristic of Kibex Spyware/KeyBase Keylogger
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Generic.Ransom.Stampado.F477C03A?

File Info:

crc32: 4024D5E5
md5: 8ed037d3873fa7b7b5a9b04e517fb687
name: 8ED037D3873FA7B7B5A9B04E517FB687.mlw
sha1: 38d8a0b5dc599a6c78ff7feb1e9ec6b4fd437de4
sha256: e964892e547ed454fe9927ae199ce77a9d316e23d06e65a258e4d6c51fe85221
sha512: 9a6a4de099acf783816c780007147a4ae9d80c21cb5ad86dd921b8ac85c088722a1b6a7e78a13962cc55a57e7706ab5223e1a1974a3b534f26179f3195258200
ssdeep: 24576:rXU09t8XLX8hf6VAYCG6WouT8wanOGNyFZLiG:rEutzfsCG5h9az8Fti
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Karsten Funk under Creative Commons "by-nc-nd 3.0"
InternalName: HMW - Hide my Windows_v3004_stripped_pp
FileVersion: 3.0.0.4
CompanyName: Karsten Funk. All rights reserved. https://funk.eu
Made By: Karsten Funk
LegalTrademarks: by-nc-nd 3.0
Comments: © HMW - Hide my Windows, 2011-2020 by Karsten Funk. All rights reserved. https://funk.eu
ProductName: HMW - Hide my Windows
Platform: XP,Vista,Win7,Win8,Win81,Win10
ProductVersion: 3.3.15.3
FileDescription: HMW - Hide my Windows
AutoIt Version: 3.3.15.3
Compile Date: 25.07.2020 12:38:27
Translation: 0x0409 0x04b0

Generic.Ransom.Stampado.F477C03A also known as:

Bkav: W32.AIDetect.malware2
ClamAV: Win.Malware.Generic-9879926-0
CAT-QuickHeal: Trojan.GraftorPMF.S18362071
ALYac: Generic.Ransom.Stampado.F477C03A
Zillya: Trojan.Obfuscated.Win32.95080
BitDefender: Generic.Ransom.Stampado.F477C03A
APEX: Malicious
Cynet: Malicious (score: 100)
MicroWorld-eScan: Generic.Ransom.Stampado.F477C03A
Ad-Aware: Generic.Ransom.Stampado.F477C03A
F-Secure: Dropper.DR/AutoIt.Gen
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.th
FireEye: Generic.Ransom.Stampado.F477C03A
Emsisoft: Generic.Ransom.Stampado.F477C03A (B)
Jiangmin: AdWare.Script.gj
Avira: DR/AutoIt.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.30F6B20
Microsoft: Trojan:Win32/Tnega!ml
Arcabit: Generic.Ransom.Stampado.F477C03A
GData: Generic.Ransom.Stampado.F477C03A
MAX: malware (ai score=89)

How to remove Generic.Ransom.Stampado.F477C03A?

Generic.Ransom.Stampado.F477C03A removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
