Ransom

About “Ransom.GlobeImposter” infection

Malware Removal

The Ransom.GlobeImposter is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Ransom.GlobeImposter virus can do?

  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Likely virus infection of existing system binary
  • Creates a copy of itself

How to determine Ransom.GlobeImposter?



File Info:

crc32: EE17BE1E
md5: bf27099680ba9d1782e43336c400fb81
name: BF27099680BA9D1782E43336C400FB81.mlw
sha1: 6e0f1ac7d569c0a03df997e0536fa3b8ec42aafb
sha256: 1fb4124aacdf3c14138eea95dbe1c31e9afadeecf14cbdb9c958b0afefeb3ad0
sha512: b6072aa49e04ec5538301ab6f6ba7af7576bd25d354c7d791cd4c1c351eef862a6e037cb19d6ac0ea94f85aed48be4c59f14ffb4ba85c1b3a1646e6137429432
ssdeep: 768:v3Rvuye1kVtGBk6P/v7nWlHznbkVwrEKD9yDwxVSHrowNI2tG6o/t84B5tdA4Uz:ZeytM3alnawrRIwxVSHMweio3bC4U
type: PE32 executable (GUI) Intel 80386, for MS Windows


Version Info:

0: [No Data]

Ransom.GlobeImposter also known as:

BkavW32.AIDetect.malware1
Elasticmalicious (high confidence)
MicroWorld-eScanGeneric.Ransom.GlobeImposter.126BF60B
CAT-QuickHealTrojan.Mauvaise.SL1
McAfeeGlobelmposter!BF27099680BA
CylanceUnsafe
SangforTrojan.Win32.Save.a
K7AntiVirusTrojan ( 00502c261 )
BitDefenderGeneric.Ransom.GlobeImposter.126BF60B
K7GWTrojan ( 00502c261 )
Cybereasonmalicious.680ba9
CyrenW32/S-0a10191d!Eldorado
SymantecRansom.Cryptolocker
APEXMalicious
AvastWin32:RansomX-gen [Ransom]
ClamAVWin.Ransomware.Globeimposter-6991673-1
KasperskyHEUR:Trojan.Win32.Generic
AlibabaRansom:Win32/Filecoder.d150205b
NANO-AntivirusTrojan.Win32.Encoder.faecqn
ViRobotTrojan.Win32.Ransom.75776.B
AegisLabTrojan.Win32.Generic.4!c
TencentWin32.Trojan.Raas.Auto
Ad-AwareGeneric.Ransom.GlobeImposter.126BF60B
EmsisoftGeneric.Ransom.GlobeImposter.126BF60B (B)
ComodoTrojWare.Win32.Necne.AB@7l2s58
F-SecureTrojan.TR/Crypt.XPACK.Gen
DrWebTrojan.MulDrop15.60961
ZillyaTrojan.Filecoder.Win32.16891
TrendMicroRansom_FAKEGLOBE.SMB
McAfee-GW-EditionBehavesLike.Win32.Generic.qh
FireEyeGeneric.mg.bf27099680ba9d17
SophosML/PE-A + Troj/Ransom-EVE
IkarusTrojan-Ransom.GlobeImposter
JiangminTrojan.Generic.cblhx
AviraTR/Crypt.XPACK.Gen
MAXmalware (ai score=100)
Antiy-AVLTrojan[Ransom]/Win32.GlobeImposter
MicrosoftRansom:Win32/Filecoder.RB!MSR
ArcabitGeneric.Ransom.GlobeImposter.126BF60B
SUPERAntiSpywareRansom.FileCoder/Variant
ZoneAlarmHEUR:Trojan.Win32.Generic
GDataGeneric.Ransom.GlobeImposter.126BF60B
CynetMalicious (score: 100)
AhnLab-V3Trojan/Win32.FileCoder.R228072
Acronissuspicious
BitDefenderThetaAI:Packer.D1143F921E
ALYacTrojan.Ransom.GlobeImposter
VBA32BScope.Trojan.Encoder
MalwarebytesRansom.GlobeImposter
PandaTrj/Genetic.gen
ESET-NOD32a variant of Win32/Filecoder.FV
TrendMicro-HouseCallRansom_FAKEGLOBE.SMB
RisingRansom.GlobeImposter!1.A538 (CLASSIC)
YandexTrojan.Agent!iGXLrz7FPTE
SentinelOneStatic AI – Malicious PE
FortinetW32/Filecoder.FV!tr
WebrootW32.Trojan.Gen
AVGWin32:RansomX-gen [Ransom]
Paloaltogeneric.ml
CrowdStrikewin/malicious_confidence_100% (W)
Qihoo-360Win32/Trojan.Necne.A

How to remove Ransom.GlobeImposter?

Ransom.GlobeImposter removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment