Ransom.Matrix information

Ransom.Matrix is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Ransom.Matrix virus do?

  • Detected script timer window indicative of sleep style evasion
  • Loads a driver
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Executed a very long command line or script command which may be indicative of chained commands or obfuscation
  • A scripting utility was executed
  • Uses Windows utilities for basic functionality
  • Steals private information from local Internet browsers
  • Attempts to modify desktop wallpaper
  • Installs itself for autorun at Windows startup
  • Exhibits possible ransomware file modification behavior
  • Likely virus infection of existing system binary
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

Related domains:

ghb.timerz.org

How to identify Ransom.Matrix?


File Info:

crc32: 02188D15
md5: 9c872367555dcd5901651f9c768fca5b
name: upload_file
sha1: 028ef1a52c04fce1f8d84e019167d54a9067fc13
sha256: 7b5e536827c3bb9f8077aed78726585739bcde796904edd6c4faadc9a8d22eaf
sha512: a855ef7f0ec570aa3c935e403ce34be05be17ba5c999294872b5706d27511f9137de205ac2deb12c4ebba8b6e1793725b205b5005edf12361caf708c6640abce
ssdeep: 24576:sxcxFP+OOobRioyJR5ezu413hJE5cx0B7+R5kQMx6NZA:7fzBE6xdynf
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Ransom.Matrix also known as:

Bkav: W32.AIDetectVM.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.Ransom.Matrix.4BE75F48
CAT-QuickHeal: Ransom.Matrix.S15128233
McAfee: Ransom-Matrix!9C872367555D
Malwarebytes: Ransom.Matrix
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Agent.j!c
Sangfor: Malware
K7AntiVirus: Trojan ( 7000000f1 )
BitDefender: Generic.Ransom.Matrix.4BE75F48
K7GW: Trojan ( 7000000f1 )
Cybereason: malicious.7555dc
Arcabit: Generic.Ransom.Matrix.4BE75F48
TrendMicro: Ransom.Win32.MATRIX.SMTH
Cyren: W32/Ransom.MZ.gen!Eldorado
Symantec: Ransom.Matrix
APEX: Malicious
ClamAV: Win.Ransomware.Matrix-7530993-0
Kaspersky: HEUR:Trojan-Ransom.Win32.Agent.gen
Alibaba: Ransom:Win32/generic.ali2000010
NANO-Antivirus: Trojan.Win32.Filecoder.fpwrix
SUPERAntiSpyware: Ransom.FileCoder/Variant
Ad-Aware: Generic.Ransom.Matrix.4BE75F48
Emsisoft: Generic.Ransom.Matrix.4BE75F48 (B)
F-Secure: Trojan.TR/FileCoder.lrzka
DrWeb: Trojan.Encoder.25814
Zillya: Trojan.Agent.Win32.1095554
Invincea: Troj/Matrix-I
McAfee-GW-Edition: BehavesLike.Win32.Dropper.th
FireEye: Generic.mg.9c872367555dcd59
Sophos: Troj/Matrix-I
Ikarus: Trojan-Ransom.Matrix
Jiangmin: Trojan.Agent.cooj
Webroot: W32.Agent.Gen
Avira: TR/FileCoder.lrzka
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan[Ransom]/Win32.Agent
Microsoft: Trojan:Win32/CryptInject!ml
ViRobot: Trojan.Win32.Ransom.1227264
ZoneAlarm: HEUR:Trojan-Ransom.Win32.Agent.gen
GData: Win32.Trojan-Ransom.Matrix.A
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Matrixran.R234829
VBA32: TScope.Trojan.Delf
ALYac: Trojan.Ransom.Matrix
MAX: malware (ai score=100)
Cylance: Unsafe
Panda: Trj/GdSda.A
ESET-NOD32: a variant of Win32/Filecoder.LockedFile.I
TrendMicro-HouseCall: Ransom.Win32.MATRIX.SMTH
Rising: Ransom.Agent!1.C96C (CLASSIC)
Yandex: Trojan.Filecoder!7ooyeLgWlFo
SentinelOne: DFI – Suspicious PE
Fortinet: W32/Matrix.2FFD!tr.ransom
BitDefenderTheta: AI:Packer.A472835721
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_100% (W)
Qihoo-360: Win32/Trojan.Ransom.b44

How to remove Ransom.Matrix?

Ransom.Matrix removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
