About “Ransom.GandCrab.2074” infection

Ransom.GandCrab.2074 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom.GandCrab.2074 virus do?

  • Executable code extraction
  • Compression (or decompression)
  • Creates RWX memory
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Anomalous binary characteristics

How to determine Ransom.GandCrab.2074?


File Info:

crc32: FFC7108B
md5: 44f1c28272d675ec4111c9210f050278
name: 44F1C28272D675EC4111C9210F050278.mlw
sha1: 5d0897a333dff99c21c18835e0f0aa23aa2f0369
sha256: 54b737162281a9d9cf9c82e5a65e0c22fc33823720549b07c2537772e874ed09
sha512: 4bfb14b24de8517e15743d84fe9f0a53c054cfcf3b444165deb8d0149e57640477c31b996f6b59422d1d8d91b764c582ffdd3491ccc059c671af63cd20ccd2c0
ssdeep: 6144:N88b1XjCwBpKpsQVQF3dD3RFRPpqaSaHA3wQknqtoCxtGeTC50YLddyL63Fnfi:KwBgW3IQ6wi1GAI1Ljn
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2004 - 2013, SopCast.com. All rights reserved.
InternalName: SopCast.exe
FileVersion: 4.2.0.800
CompanyName: www.sopcast.com
Comments: www.sopcast.com
ProductName: SopCast
ProductVersion: 4.2.0.800
FileDescription: SopCast Main Application
OriginalFilename: SopCast.exe
Translation: 0x0409 0x04e4

Ransom.GandCrab.2074 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0053fb461 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
CAT-QuickHeal: Trojan.Mauvaise.SL1
ALYac: Trojan.Ransom.GandCrab
Cylance: Unsafe
Zillya: Trojan.GandCrypt.Win32.1118
CrowdStrike: win/malicious_confidence_90% (D)
Alibaba: Ransom:Win32/GandCrypt.bb62e405
K7GW: Trojan ( 0053fb461 )
Cybereason: malicious.272d67
Symantec: Packed.Generic.537
ESET-NOD32: a variant of Win32/Kryptik.GLTQ
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-Ransom.Win32.GandCrypt.fwb
BitDefender: Gen:Variant.Ransom.GandCrab.2074
NANO-Antivirus: Trojan.Win32.GandCrypt.fjaait
ViRobot: Trojan.Win32.R.Agent.499712.AD
MicroWorld-eScan: Gen:Variant.Ransom.GandCrab.2074
Tencent: Win32.Trojan.Raas.Auto
Ad-Aware: Gen:Variant.Ransom.GandCrab.2074
Sophos: Mal/Generic-R + Mal/Kryptik-CY
Comodo: Malware@#1c5lzznhzn95q
BitDefenderTheta: Gen:NN.ZexaF.34688.Eu0@aGSDSqgj
TrendMicro: Ransom_GANDCRAB.THJAIAH
McAfee-GW-Edition: Trojan-FQUD!44F1C28272D6
FireEye: Generic.mg.44f1c28272d675ec
Emsisoft: Gen:Variant.Ransom.GandCrab.2074 (B)
Webroot: W32.Ransom.Gandcrab
Avira: TR/AD.GandCrab.P
eGambit: Unsafe.AI_Score_96%
Microsoft: Ransom:Win32/Gandcrab!MTB
Arcabit: Trojan.Ransom.GandCrab.D81A
AegisLab: Trojan.Win32.GandCrypt.4!c
GData: Gen:Variant.Ransom.GandCrab.2074
AhnLab-V3: Win-Trojan/Gandcrab09.Exp
McAfee: Trojan-FQUD!44F1C28272D6
MAX: malware (ai score=100)
VBA32: BScope.TrojanRansom.GandCrypt
Malwarebytes: Ransom.GandCrab
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_GANDCRAB.THJAIAH
Rising: Ransom.GandCrypt!8.F33E (CLOUD)
Yandex: Trojan.GandCrypt!5HRP62u1LOk
Ikarus: Trojan.Win32.Krypt
Fortinet: W32/GenKryptik.CKDY!tr.ransom
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Ransom.GandCrab.2074?

Ransom.GandCrab.2074 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
