
About “Ramnit.Virus.FileInfector.DDS” infection


Ramnit.Virus.FileInfector.DDS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ramnit.Virus.FileInfector.DDS virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Authenticode signature is invalid

How to identify Ramnit.Virus.FileInfector.DDS?


File Info:

name: 0722F3C094AA23F46D03.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-11-12 11:46:37

Version Info:

FileVersion: 1.0.0.0
FileDescription: 易语言程序
ProductName: 易语言程序
ProductVersion: 1.0.0.0
LegalCopyright: 作者版权所有 请尊重并使用正版
Comments: 本程序使用易语言编写(http://www.dywt.com.cn)
Translation: 0x0804 0x04b0

Ramnit.Virus.FileInfector.DDS also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
ClamAV: Win.Malware.Gotango-7000352-0
FireEye: Generic.mg.0722f3c094aa23f4
CAT-QuickHeal: Risktool.Flystudio.18827
Malwarebytes: Ramnit.Virus.FileInfector.DDS
Sangfor: Suspicious.Win32.Save.ins
K7AntiVirus: Trojan ( 005246d51 )
K7GW: Trojan ( 005246d51 )
CrowdStrike: win/malicious_confidence_60% (W)
Cyren: W32/S-480dd005!Eldorado
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Packed.FlyStudio.AA potentially unwanted
APEX: Malicious
Cynet: Malicious (score: 100)
Sophos: Generic ML PUA (PUA)
Comodo: Worm.Win32.Dropper.RA@1qraug
McAfee-GW-Edition: BehavesLike.Win32.Generic.dh
Trapmine: malicious.moderate.ml.score
Emsisoft: Application.Generic (A)
SentinelOne: Static AI – Malicious PE
Antiy-AVL: Trojan/Win32.FlyStudio.a
Microsoft: Trojan:Win32/Sabsik.EN.B!ml
GData: Win32.Trojan.PSE.5LSHNI
Google: Detected
Acronis: suspicious
Cylance: Unsafe
Rising: Trojan.Generic@AI.84 (RDML:hORzLnN3UD8C0FB7jFDEpA)
Ikarus: PUA.FlyStudio
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZexaF.34784.6q0@aKeT@Igb
Cybereason: malicious.e29305

How to remove Ramnit.Virus.FileInfector.DDS?

Ramnit.Virus.FileInfector.DDS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
