Generik.MRJRLSA information

The Generik.MRJRLSA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Generik.MRJRLSA virus can do?

Executable code extraction
Attempts to connect to a dead IP:Port (1 unique times)
Creates RWX memory
The binary likely contains encrypted or compressed data.
Attempts to remove evidence of file being downloaded from the Internet
Attempts to repeatedly call a single API many times in order to delay analysis time
Installs itself for autorun at Windows startup
Exhibits possible ransomware file modification behavior
Writes a potential ransom message to disk
Creates a copy of itself
Appends a known CryptoShield ransomware file extension to files that have been encrypted
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Generik.MRJRLSA?


File Info:
crc32: 0413A42B
md5: acc95b1b7cdfa868ee7ab7da1efd91d8
name: ACC95B1B7CDFA868EE7AB7DA1EFD91D8.mlw
sha1: b705943086cf049c99f6576913505adcc921bb38
sha256: 0e2f45f73f7cb46f3302b1e8253ce992de3f1a1081c5142e1936bf39e874069e
sha512: e7c742ee3735d7e1db454c60ad1f60f2edc57da7bec04af65c44b8d5fb2f20612132b6cd6849bf411216e642c99536793066bc0ca8ea202b6cd216b479224664
ssdeep: 1536:Zk7SsrJPVpJE5YMNdoNWAkQCjNjikyM/+He+Oxrk3auFpkrkAo3:e3np+5LNsXk/2RxrgMauFKkF
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2001 - 2017
FileVersion: 7, 4, 1, 8
CompanyName: Windows Protect
ProductName: Windows Protect
ProductVersion: 7, 4, 1, 8
FileDescription: Windows Protect
OriginalFilename: winlogon.exe
Translation: 0x0860 0x03a8

Generik.MRJRLSA also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0056e6531 )
Lionic	Trojan.Win32.Generic.4!c
DrWeb	Trojan.Encoder.10240
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.Chapak.ZZ6
ALYac	Gen:Variant.Ransom.HydraCrypt.21
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	Ransom:Win32/generic.ali2000010
K7GW	Trojan ( 0056e6531 )
Cybereason	malicious.b7cdfa
Symantec	Ransom.Troldesh!gm
ESET-NOD32	a variant of Generik.MRJRLSA
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Ransom.HydraCrypt.21
NANO-Antivirus	Trojan.Win32.Ransom.everyh
MicroWorld-eScan	Gen:Variant.Ransom.HydraCrypt.21
Tencent	Win32.Trojan.Generic.Lqov
Ad-Aware	Gen:Variant.Ransom.HydraCrypt.21
Sophos	Mal/Generic-S
Comodo	Malware@#2c7f2yrqkwx0u
BitDefenderTheta	Gen:NN.ZexaF.34170.gu0@aehuvemi
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	Trojan-FLGJ!ACC95B1B7CDF
FireEye	Generic.mg.acc95b1b7cdfa868
Emsisoft	Gen:Variant.Ransom.HydraCrypt.21 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Generic.brdgs
Avira	HEUR/AGEN.1113593
Antiy-AVL	Trojan/Generic.ASMalwS.22BB24E
Microsoft	Ransom:Win32/Shieldcrypt.A
GData	Gen:Variant.Ransom.HydraCrypt.21
McAfee	Trojan-FLGJ!ACC95B1B7CDF
MAX	malware (ai score=100)
VBA32	BScope.Trojan.Downloader
Malwarebytes	Malware.AI.417750334
Panda	Trj/CI.A
Rising	Trojan.Generic@ML.97 (RDML:j9R/dYH9fm4XmFVfXzDfAQ)
Yandex	Trojan.Agent!iH0vyf4ZUdY
Ikarus	Trojan.SuspectCRC
Fortinet	W32/Kryptik.FOCI!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Generik.MRJRLSA?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Generik.MRJRLSA information