Ransom.Rams malicious file

Ransom.Rams is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Ransom.Rams virus do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz

How to identify Ransom.Rams?

File Info:

crc32: 5C61D061
md5: 84f457ec561f492f487d82eba049fd74
name: 84F457EC561F492F487D82EBA049FD74.mlw
sha1: 9e9294dad441369f953d2f97a9fd6c76b258e030
sha256: c13156c4fe6742c528f13519215ebed197304b969249ff28d3ff7fb6f74961ec
sha512: 2662f5f5404a61f8136f6a395ebaa12f10d3b08b9255a2c321a22a14b4c98c1f3bbec5e030e3418f3a649e3138871af0656035960b4d8fae63445440fc525bf9
ssdeep: 192:AXmIxNjZMClLxOaFh+jXTREQZBjqJ1aF31deU/6UsfBD6:AX7fjGGlOaFQjljZCuP/6TfBD
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2019
Assembly Version: 1.0.0.0
InternalName: Rams1.exe
FileVersion: 1.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName: Rams1
ProductVersion: 1.0.0.0
FileDescription: Rams1
OriginalFilename: Rams1.exe

Ransom.Rams is also known as:

K7AntiVirus: Trojan ( 004de29f1 )
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.EncoderNET.HiddenTear.1
Cynet: Malicious (score: 100)
ALYac: Gen:Heur.Ransom.RTH.1
Cylance: Unsafe
Zillya: Trojan.Agent.Win32.1144667
Sangfor: Trojan.Win32.Save.a
Alibaba: Ransom:MSIL/Ryzerlo.830e8c1d
K7GW: Trojan ( 004de29f1 )
Cybereason: malicious.c561f4
Symantec: Ransom.HiddenTear!g1
ESET-NOD32: a variant of MSIL/Filecoder.AK
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Heur.Ransom.RTH.1
NANO-Antivirus: Trojan.Win32.Filecoder.hjufes
MicroWorld-eScan: Gen:Heur.Ransom.RTH.1
Tencent: Win32.Trojan.Generic.Ecue
Ad-Aware: Gen:Heur.Ransom.RTH.1
Sophos: Mal/Generic-S
Comodo: Malware@#1f74cf6izc5fx
BitDefenderTheta: Gen:NN.ZemsilF.34796.am0@aCaQ!Yi
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_RAMSIL.SM
McAfee-GW-Edition: Ransomware-FTD!84F457EC561F
FireEye: Generic.mg.84f457ec561f492f
Emsisoft: Gen:Heur.Ransom.RTH.1 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.fokjh
Avira: HEUR/AGEN.1122521
Microsoft: Ransom:MSIL/Ryzerlo.A
Arcabit: Trojan.Ransom.RTH.1
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: MSIL.Trojan-Ransom.Cryptear.X
AhnLab-V3: Trojan/Win.Generic.C4403926
McAfee: Ransomware-FTD!84F457EC561F
MAX: malware (ai score=83)
Malwarebytes: Ransom.Rams
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_RAMSIL.SM
Yandex: Trojan.Filecoder!kQ0zxo7odgQ
Ikarus: Trojan-Ransom.HiddenTear
MaxSecure: Trojan.Malware.7164915.susgen
Fortinet: MSIL/Filecoder.AK!tr.ransom
AVG: Win32:Trojan-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Generic.HwMAQWQA

How to remove Ransom.Rams?

Ransom.Rams removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.