Ransom.Dharma.98 removal tips

The Ransom.Dharma.98 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ransom.Dharma.98 virus can do?

Executable code extraction
Creates RWX memory

How to determine Ransom.Dharma.98?


File Info:
crc32: 3DCC353E
md5: 7eda4d79cbfd33facc2cfe5a865cb002
name: 7EDA4D79CBFD33FACC2CFE5A865CB002.mlw
sha1: a4abca74ac8c98910f5bc7499c38e21617eb283f
sha256: 4719a64be3539c45a2e4fa36aadd93b6247e0fe8ed06aaef51e7918bddb78748
sha512: 29d16745645713a93f18be4fdfb86a6cbe383f6d104c9ee31eb547339971e57b5e30dbb67d13dbb1ec6d128e2b15ac0d795b4e2f6168e69ca6d1f885f45b0a31
ssdeep: 6144:48ZLsvNYPtbImHz/krbhVXDOUJRFI74ged5XfSs:4mCNYPtbXTMr19qeRGdOfSs
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: All rights reserved.
InternalName: Interactive
FileVersion: 4.4.45.247
CompanyName: Oxford Nanopore Technologies
FileDescription: Subjective Full Tim Cexistent Bottleneck
LegalTrademarks: All rights reserved.
Comments: Subjective Full Tim Cexistent Bottleneck
ProductName: Interactive
Languages: English
ProductVersion: 4.4.45.247
PrivateBuild: 4.4.45.247
OriginalFilename: Interactive.exe
Translation: 0x0409 0x04b0

Ransom.Dharma.98 also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Riskware ( 0040eff71 )
Elastic	malicious (high confidence)
DrWeb	Trojan.DownLoad.64914
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Ransom.Dharma.98
Cylance	Unsafe
Zillya	Trojan.Cutwail.Win32.1449
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_60% (D)
Alibaba	Trojan:Win32/Cutwail.e9df28b2
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.9cbfd3
ESET-NOD32	a variant of Win32/Kryptik.GTMF
APEX	Malicious
Avast	Win32:Trojan-gen
Kaspersky	Trojan.Win32.Cutwail.xir
BitDefender	Gen:Variant.Ransom.Dharma.98
NANO-Antivirus	Trojan.Win32.Cutwail.fqswuw
MicroWorld-eScan	Gen:Variant.Ransom.Dharma.98
Ad-Aware	Gen:Variant.Ransom.Dharma.98
Comodo	Malware@#3mkrm1dswx707
BitDefenderTheta	Gen:NN.ZexaF.34628.tu0@ai9iyFei
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	GenericRXHV-TW!7EDA4D79CBFD
FireEye	Generic.mg.7eda4d79cbfd33fa
Emsisoft	Gen:Variant.Ransom.Dharma.98 (B)
Jiangmin	Trojan.Cutwail.id
Webroot	W32.Rogue.Gen
ZoneAlarm	Trojan.Win32.Cutwail.xir
GData	Gen:Variant.Ransom.Dharma.98
AhnLab-V3	Malware/Win32.Generic.C3300726
McAfee	GenericRXHV-TW!7EDA4D79CBFD
VBA32	BScope.Trojan.Cutwail
Malwarebytes	Spyware.PasswordStealer
Panda	Trj/CI.A
Tencent	Win32.Trojan.Cutwail.Amwo
Yandex	Trojan.Cutwail!+E91zD9BOe8
Ikarus	Trojan.SuspectCRC
MaxSecure	Trojan.Malware.1385160.susgen
Fortinet	W32/Kryptik.GTMF!tr
AVG	Win32:Trojan-gen
Paloalto	generic.ml
Qihoo-360	Win32/Botnet.Cutwail.HwoCgn0A

How to remove Ransom.Dharma.98?

Ransom.Dharma.98 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X