What is “Ransom.Makop.50”?

The Ransom.Makop.50 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ransom.Makop.50 virus can do?

Dynamic (imported) function loading detected
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Collects information to fingerprint the system

How to determine Ransom.Makop.50?


File Info:
name: 2F26AB653FE7C323188B.mlw
path: /opt/CAPEv2/storage/binaries/85739f8bf1e084ea7b23c03821e287a8cfc9cda3e9ad15e37f4ca9fbcd34e099
crc32: 887603FC
md5: 2f26ab653fe7c323188be92fafe74bbc
sha1: d62624011e5aceaf7b99b30d88c6bd5233d2bbd2
sha256: 85739f8bf1e084ea7b23c03821e287a8cfc9cda3e9ad15e37f4ca9fbcd34e099
sha512: c9f047084cb7943c8a2bc7ecdaaac098dd05eefe3dd05045d9de4dabb88d8e9aaa5fa140469f9209f798b89fd220fc5705a17d72115665978b8874d2466f4582
ssdeep: 768:IaQRffMB31aCytHLykiKPT3JATD2qBwV2ckjbnsb0Ah99De0YAD8Uol7oATmlf:Iaj318HxZATvnsblYO8X7t
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F2337C6BEFC069F3FDA5257016DAFB56A4DA6C0C035057C3AF24AD40B5602E1ACF95C2
sha3_384: 94765e49c9f87353ca19f48a1bfa10d80b0b8e516050fbd5d4493ae736d32b97540c369936af52ec6c731fe2bee44130
ep_bytes: 535657e888120000a21ea04100c6051d
timestamp: 2021-11-23 16:18:12

Version Info:
0: [No Data]

Ransom.Makop.50 also known as:

Bkav	W32.AIDetect.malware2
Lionic	Trojan.Multi.Generic.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Ransom.Makop.50
FireEye	Generic.mg.2f26ab653fe7c323
McAfee	GenericRXRF-JK!2F26AB653FE7
Cylance	Unsafe
Zillya	Trojan.Filecoder.Win32.21346
Sangfor	Suspicious.Win32.Attribute.HighConfidence
K7AntiVirus	Trojan ( 0055ebce1 )
Alibaba	Ransom:Win32/Phobos.a4d8bfe8
Cybereason	malicious.53fe7c
BitDefenderTheta	Gen:NN.ZexaF.34114.duW@a0Mc5jb
Cyren	W32/Trojan.HNBP-8116
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Filecoder.Phobos.E
TrendMicro-HouseCall	Ransom_Phobos.R06CC0DLO21
Avast	Win32:Fasec [Trj]
Cynet	Malicious (score: 100)
Kaspersky	UDS:DangerousObject.Multi.Generic
BitDefender	Gen:Variant.Ransom.Makop.50
Tencent	Win32.Trojan.Filecoder.Hsiw
Ad-Aware	Gen:Variant.Ransom.Makop.50
Emsisoft	Gen:Variant.Ransom.Makop.50 (B)
TrendMicro	Ransom_Phobos.R06CC0DLO21
McAfee-GW-Edition	BehavesLike.Win32.Dropper.ph
Sophos	Mal/Generic-S
GData	Gen:Variant.Ransom.Makop.50
Jiangmin	Trojan.Makop.m
Avira	HEUR/AGEN.1209295
Antiy-AVL	Trojan/Generic.ASMalwS.34F4DF9
ViRobot	Trojan.Win32.Z.Phobos.50176.A
Microsoft	Ransom:Win32/Phobos.PB!MTB
AhnLab-V3	Malware/Win.Generic.R459921
VBA32	BScope.TrojanSpy.Zbot
ALYac	Trojan.Ransom.Makop
MAX	malware (ai score=86)
Malwarebytes	Ransom.Phobos
APEX	Malicious
Rising	Ransom.Makop!8.11819 (CLOUD)
Yandex	Trojan.Filecoder!dQ1UDw9XPGI
Fortinet	W32/Phobos.E!tr.ransom
AVG	Win32:Fasec [Trj]
Panda	Trj/GdSda.A
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Ransom.Makop.50?

Ransom.Makop.50 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X