Fake • Ransom

About “Hoax.MSIL.FakeRansom” infection

The Hoax.MSIL.FakeRansom is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Hoax.MSIL.FakeRansom virus can do?

The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs

How to determine Hoax.MSIL.FakeRansom?


File Info:
crc32: 2DB153DD
md5: 1df606136174f7bc869219f01cd4a0f4
name: 1DF606136174F7BC869219F01CD4A0F4.mlw
sha1: b405327ffddce2ea5a77eddbe2e1b2661380d721
sha256: 388bc4cef92e69f2b9d71138e4a7c462386fd72dfa42365d6f9617a9f488dd00
sha512: a2321986ad391ca58c30ea5d6fc716aa36bdf605e1b4690a942955649597b7d90572bf4beee90163722321c084508a054e3c0bdf47d9467fc2525fbe443b46cc
ssdeep: 24576:rBi7uKfFFXvLGzzbxAuYIHoXBi7uKfFFXvLGzzbxBFFXvLGzzbxtY:gKk7vCzvx2IoXMKk7vCzvxB7vCzvx
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9  2018
Assembly Version: 1.0.0.0
InternalName: Fake Ransomware.exe
FileVersion: 1.0.0.0
CompanyName: 
LegalTrademarks: 
Comments: 
ProductName: FakeRansomware
ProductVersion: 1.0.0.0
FileDescription: FakeRansomware
OriginalFilename: Fake Ransomware.exe

Hoax.MSIL.FakeRansom also known as:

Lionic	Trojan.Win32.Generic.4!c
ALYac	Trojan.Ransom.Petya
Cylance	Unsafe
Alibaba	Ransom:MSIL/Crypute.e4f08125
Cybereason	malicious.36174f
Symantec	ML.Attribute.HighConfidence
Avast	Win32:Malware-gen
Kaspersky	HEUR:Hoax.MSIL.FakeRansom.gen
BitDefender	Gen:Heur.Ransom.REntS.Gen.1
MicroWorld-eScan	Gen:Heur.Ransom.REntS.Gen.1
Ad-Aware	Gen:Heur.Ransom.REntS.Gen.1
Sophos	Mal/Generic-S
Comodo	Malware@#nhzigfv6oadx
BitDefenderTheta	Gen:NN.ZemsilF.34058.Mn0@a8C4k7
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	Artemis!Trojan
FireEye	Gen:Heur.Ransom.REntS.Gen.1
Emsisoft	Gen:Heur.Ransom.REntS.Gen.1 (B)
Microsoft	Trojan:Win32/Occamy.C38
GData	Gen:Heur.Ransom.REntS.Gen.1
McAfee	Artemis!1DF606136174
MAX	malware (ai score=99)
VBA32	Trojan.MSIL.gen.a.4
Panda	Trj/GdSda.A
Yandex	Trojan.Hiddenrear!PCchzcvIpDo
Fortinet	MSIL/Filecoder.8140!tr.ransom
AVG	Win32:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win32/Ransom.Generic.HgAASQoA

How to remove Hoax.MSIL.FakeRansom?

Hoax.MSIL.FakeRansom removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X