About “Ransom.Krangler” infection

Ransom.Krangler is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom.Krangler virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Ransom.Krangler?


File Info:

name: 648B0B2E03024713B230.mlw
path: /opt/CAPEv2/storage/binaries/e7122c80a08b50ef95fe7c1fd20e4ec3a7479f4e3ee7aea158e0abc424c03c32
type: PE32 executable (console) Intel 80386, for MS Windows
timestamp: 2022-05-02 14:55:53

Version Info:

Comments: Krangles Files
CompanyName: AVT
FileDescription: Krangles Files
FileVersion: v1.0.0.0
InternalName: CppR...Two
LegalCopyright: (c)2022
OriginalFilename: CppR...Two.exe
ProductName: FileKrangler
ProductVersion: v1.0.0.0
Translation: 0x0409 0x04b0

Ransom.Krangler also known as:

Cynet: Malicious (score: 99)
FireEye: Gen:Variant.Jaik.53094
McAfee: Artemis!648B0B2E0302
K7AntiVirus: Trojan ( 005927f61 )
K7GW: Trojan ( 005927f61 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Filecoder.OKX
APEX: Malicious
BitDefender: Gen:Variant.Jaik.53094
MicroWorld-eScan: Gen:Variant.Jaik.53094
Avast: Win32:Agent-BDDP [Ransom]
Ad-Aware: Gen:Variant.Jaik.53094
Emsisoft: Gen:Variant.Jaik.53094 (B)
TrendMicro: Ransom.Win32.FILECODER.YXCEL
McAfee-GW-Edition: Artemis
Trapmine: suspicious.low.ml.score
GData: Gen:Variant.Jaik.53094
Avira: ADWARE/Agent.WO
Arcabit: Trojan.Jaik.DCF66
ALYac: Gen:Variant.Jaik.53094
MAX: malware (ai score=84)
Malwarebytes: Ransom.Krangler
TrendMicro-HouseCall: Ransom.Win32.FILECODER.YXCEL
Ikarus: Trojan-Ransom.FileCrypter
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/Filecoder
BitDefenderTheta: Gen:NN.ZexaF.34742.vC0@ae@Xy8hi
AVG: Win32:Agent-BDDP [Ransom]

How to remove Ransom.Krangler?

Ransom.Krangler removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
