Ransom.Azov removal guide

Ransom.Azov is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom.Azov virus do?

  • Sample contains Overlay data
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Binary compilation timestomping detected

How to identify Ransom.Azov?


File Info:

name: 6C655CDB02CB3B8576E0.mlw
path: /opt/CAPEv2/storage/binaries/747ce1ac2070bb4ce6437ca4ec81abd5e7fccf27e007a1f06f76f4ae7722c96f
crc32: 219749D2
md5: 6c655cdb02cb3b8576e0d67ddc5fe9de
sha1: 276cc715417e0b4d678ae75537d9164927c1f294
sha256: 747ce1ac2070bb4ce6437ca4ec81abd5e7fccf27e007a1f06f76f4ae7722c96f
sha512: 23ff9bca66c0f1b80aebeb609d34131d5a556e974a94ad982f85921fed6aedc99059ee66e95e2a429526a3e834db7e4a20028c229241a0f88f4f60907393b6b7
ssdeep: 12288:eP2AYp+DTtVpxzs9h2E18xGspcFCvHfPLkNV:an2ytI2EWxGi4CvLkj
type: PE32+ executable (GUI) x86-64, for MS Windows
tlsh: T113D47C5AEAE800A4E136933844B78145E2717C990B2296CBDE75B36DCF3FAF46C3C615
sha3_384: 6a9858083dc7a8710625e6b6df22b0b1975e2c30e72aebd829d6c1c07cfeb3c5286e6ce7ebfae9e0412be242a3e3a7ed
ep_bytes: e848feffffc82000004c897c24f84883
timestamp: 2035-04-27 06:27:09

Version Info:

CompanyName: Microsoft Corporation
FileDescription: Reusable UX Interaction Manager
FileVersion: 10.0.19041.1019 (WinBuild.160101.0800)
InternalName: Reusable UX Interaction Manager
LegalCopyright: © Microsoft Corporation. All rights reserved.
OriginalFilename: RUXIMICS.exe
ProductName: Microsoft® Windows® Operating System
ProductVersion: 10.0.19041.1019
Translation: 0x0409 0x04b0

Ransom.Azov also known as:

MicroWorld-eScan: Gen:Variant.Lazy.259321
FireEye: Gen:Variant.Lazy.259321
ESET-NOD32: Win64/Filecoder.GG
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Lazy.259321
Ad-Aware: Gen:Variant.Lazy.259321
Emsisoft: Gen:Variant.Lazy.259321 (B)
GData: Gen:Variant.Lazy.259321
Jiangmin: Trojan.Blocker.urx
Arcabit: Trojan.Lazy.D3F4F9
ALYac: Gen:Variant.Lazy.259321
MAX: malware (ai score=86)
Malwarebytes: Ransom.Azov
Fortinet: W64/Filecoder.GG!tr

How to remove Ransom.Azov?

Ransom.Azov removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
