
Ransom.Sodinokibi.6 (file analysis)

Ransom.Sodinokibi.6 is classified as dangerous by many security vendors (see the detection list below). When this infection is active you may notice unfamiliar processes in the Task Manager list. In that case it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cure of your PC during the trial period.
A 6-day free trial is available.

What can Ransom.Sodinokibi.6 do?

The following are static indicators raised by the sandbox analysis of the file (the storage path in the File Info block below shows a CAPEv2 instance):

  • The binary contains an unknown PE section name, which is indicative of packing
  • The Authenticode signature is invalid
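Both indicators can be reproduced from the PE headers alone. The following is an added example, not code from this page or from the sandbox that produced the verdicts: a standard-library parser that reads the section table and the Security data directory of a PE32/PE32+ file, classifies section names as known, known-packer or unknown, and checks whether the Authenticode certificate table is absent, truncated, or of an unexpected type. The KNOWN_SECTIONS and PACKER_SECTIONS sets are my own lists, not the sandbox's, and the sample PE it builds is a constructed header-only fixture whose section names are assumptions (the page does not list the real sample's sections); it carries the page's compile timestamp so the timestamp decoding can be checked.

```python
import calendar
import datetime
import struct

# Section names a normal compiler/linker emits (my list, not the sandbox's).
KNOWN_SECTIONS = {".text", ".rdata", ".data", ".idata", ".edata", ".pdata",
                  ".rsrc", ".reloc", ".bss", ".tls", ".CRT", ".debug",
                  ".xdata", ".gfids", ".00cfg", ".didat", "CODE", "DATA", "BSS"}
# Names that identify a specific packer outright.
PACKER_SECTIONS = {"UPX0", "UPX1", "UPX2", ".aspack", ".adata", ".petite",
                   ".vmp0", ".vmp1", ".vmp2", ".themida", ".MPRESS1", ".MPRESS2"}
WIN_CERT_TYPE_PKCS_SIGNED_DATA = 0x0002   # WIN_CERTIFICATE.wCertificateType for Authenticode
IMAGE_DIRECTORY_ENTRY_SECURITY = 4


def parse_pe(data: bytes) -> dict:
    """Return section names, packing hints and the state of the Authenticode table."""
    if data[:2] != b"MZ":
        raise ValueError("no MZ header")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("no PE signature")
    coff = e_lfanew + 4
    _machine, nsect, ts, _, _, opt_size, _chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic, = struct.unpack_from("<H", data, opt)
    dir_base = 96 if magic == 0x10B else 112   # data directories start later in PE32+
    cert_off, cert_size = struct.unpack_from(
        "<II", data, opt + dir_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    names = []
    for i in range(nsect):
        raw, = struct.unpack_from("<8s", data, opt + opt_size + 40 * i)
        names.append(raw.rstrip(b"\0").decode("ascii", "replace"))
    return {
        "timestamp": datetime.datetime.fromtimestamp(
            ts, datetime.timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "sections": names,
        "packer_sections": [n for n in names if n in PACKER_SECTIONS],
        "unknown_sections": [n for n in names
                             if n not in KNOWN_SECTIONS and n not in PACKER_SECTIONS],
        "authenticode": _cert_status(data, cert_off, cert_size),
    }


def _cert_status(data: bytes, off: int, size: int) -> str:
    # The Security directory holds a raw file offset (not an RVA) of a WIN_CERTIFICATE:
    # dwLength(4) wRevision(2) wCertificateType(2) followed by the PKCS#7 blob.
    if off == 0 and size == 0:
        return "absent"
    if size < 8 or off + size > len(data):
        return "truncated"
    length, _rev, ctype = struct.unpack_from("<IHH", data, off)
    if length > size:
        return "truncated"
    if ctype != WIN_CERT_TYPE_PKCS_SIGNED_DATA:
        return "unknown-type"
    return "pkcs7-present"   # structurally present; the chain still needs a real verifier


def findings(info: dict) -> list:
    """Turn parse_pe() output into the kind of one-line indicators the page lists."""
    out = []
    if info["packer_sections"]:
        out.append("packer sections: " + ", ".join(info["packer_sections"]))
    if info["unknown_sections"]:
        out.append("unknown section names (possible packing): " + ", ".join(info["unknown_sections"]))
    if info["authenticode"] != "pkcs7-present":
        out.append("authenticode table " + info["authenticode"])
    return out


def make_win_certificate(payload: bytes, cert_type: int = WIN_CERT_TYPE_PKCS_SIGNED_DATA) -> bytes:
    """Constructed WIN_CERTIFICATE wrapper used only to build test fixtures."""
    return struct.pack("<IHH", 8 + len(payload), 0x0200, cert_type) + payload


def build_minimal_pe(section_names, cert_blob: bytes = b"") -> bytes:
    """Constructed, non-runnable PE32 with only the headers parse_pe() reads (test fixture)."""
    e_lfanew, opt_size = 0x40, 0xE0
    dos = b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)
    ts = calendar.timegm((2019, 4, 29, 19, 6, 6, 0, 0, 0))   # the page's compile timestamp
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), ts, 0, 0, opt_size, 0x0102)
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)                     # PE32 magic
    cert_off = e_lfanew + 4 + 20 + opt_size + 40 * len(section_names)
    if cert_blob:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY, cert_off, len(cert_blob))
    hdrs = b"".join(
        struct.pack("<8sIIIIIIHHI", n.encode().ljust(8, b"\0"), 0x1000, 0x1000, 0, 0, 0, 0, 0, 0, 0x60000020)
        for n in section_names)
    return dos + b"PE\0\0" + coff + bytes(opt) + hdrs + cert_blob


if __name__ == "__main__":
    # Assumed section names: the page does not list the real sample's sections.
    sample = build_minimal_pe([".text", "UPX0", ".x9q2"])
    for line in findings(parse_pe(sample)):
        print(line)
```

The "pkcs7-present" result only says the certificate table is well-formed; whether the signature is actually valid requires hashing the image with the Authenticode exclusions and checking the chain, which tools such as `signtool verify` or `osslsigncode verify` do. Running parse_pe() over a real file (`parse_pe(open(path, "rb").read())`) is enough to reproduce the two indicators above on an unpacked or truncated copy.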

How to identify Ransom.Sodinokibi.6?

File Info:

name: A05F65EEE650728DD8FF.mlw
path: /opt/CAPEv2/storage/binaries/7a2fc796f2d6b3c69b34b6e20d008702a4ed21fae9037ef81161ec7bdceea955
crc32: 331D17F1
md5: a05f65eee650728dd8ffae88bd076815
sha1: 23d60e372fb9558abfb2d6647ed0343c14b27ab5
sha256: 7a2fc796f2d6b3c69b34b6e20d008702a4ed21fae9037ef81161ec7bdceea955
sha512: 4e8e3bc52195f0ada38b5d77cfb306d183de66a8242b32a47732d5ddbac0aa0a7d66d7e888db828915ec72288e52e5210879e73753d9f1c6d7a3adadc1aa0969
ssdeep: 3072:YHddoLxFREDqLYLbi4eTMlwDCnuZ3puJ1f:1LxFRebnWJZ3
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T14FF3CF601AC096BAF4BD807CB52FF7F9D36AF008132611CBB360C5545D6B6F4AF29949
sha3_384: 031e02d8e9690c7d21ade2eb33076f291eb28b0aac7c316103e813f203c09179f71d69831e1881ee0db1fe1bab9dc66c
ep_bytes:
timestamp: 2019-04-29 19:06:06

Version Info:

0: [No Data]
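The File Info block above is the sample's indicator set, and matching a suspect file against it is a hash comparison. This added example (mine, not the page's tooling) streams a file once to compute every exact hash the block lists (crc32, md5, sha1, sha256, sha512, sha3_384; the fuzzy ssdeep and tlsh values need their own libraries and are left out), compares the result case-insensitively against the page's published values, and grades the match so that a lone crc32 or md5 hit is not mistaken for confirmation. The IOC dictionary is copied from the block above; the input bytes in the test are constructed.

```python
import hashlib
import io
import zlib

# Exact hashes of the analysed sample, copied from the File Info block on this page.
SODINOKIBI_6_IOCS = {
    "crc32": "331D17F1",
    "md5": "a05f65eee650728dd8ffae88bd076815",
    "sha1": "23d60e372fb9558abfb2d6647ed0343c14b27ab5",
    "sha256": "7a2fc796f2d6b3c69b34b6e20d008702a4ed21fae9037ef81161ec7bdceea955",
    "sha512": "4e8e3bc52195f0ada38b5d77cfb306d183de66a8242b32a47732d5ddbac0aa0a"
              "7d66d7e888db828915ec72288e52e5210879e73753d9f1c6d7a3adadc1aa0969",
}
# Only a collision-resistant hash counts as a confirmed match.
STRONG_ALGORITHMS = {"sha256", "sha512", "sha3_384"}
DIGEST_ALGORITHMS = ("md5", "sha1", "sha256", "sha512", "sha3_384")


def hash_stream(fp, chunk_size: int = 1 << 20) -> dict:
    """Read fp once and return hex digests keyed by algorithm name (crc32 included)."""
    digests = {name: hashlib.new(name) for name in DIGEST_ALGORITHMS}
    crc = 0
    while True:
        chunk = fp.read(chunk_size)
        if not chunk:
            break
        crc = zlib.crc32(chunk, crc)          # crc32 is chainable across chunks
        for d in digests.values():
            d.update(chunk)
    out = {name: d.hexdigest() for name, d in digests.items()}
    out["crc32"] = f"{crc & 0xFFFFFFFF:08x}"
    return out


def hash_bytes(data: bytes, chunk_size: int = 1 << 20) -> dict:
    return hash_stream(io.BytesIO(data), chunk_size)


def hash_file(path: str) -> dict:
    with open(path, "rb") as fp:
        return hash_stream(fp)


def match_iocs(hashes: dict, iocs: dict) -> list:
    """Names of the algorithms whose value in `iocs` equals the computed one (case-insensitive)."""
    return sorted(alg for alg, value in iocs.items()
                  if alg in hashes and hashes[alg].lower() == value.lower())


def verdict(matched: list) -> str:
    if any(alg in STRONG_ALGORITHMS for alg in matched):
        return "confirmed"
    if matched:
        return "weak-match"     # crc32/md5/sha1 alone: recheck with a strong hash
    return "no-match"


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        hashes = hash_file(path)
        matched = match_iocs(hashes, SODINOKIBI_6_IOCS)
        print(f"{path}: {verdict(matched)} {matched}")
```

Run it as `python ioc_match.py suspect.exe`. A "weak-match" on crc32 or md5 alone is worth a second look but not a conviction; a sha256 match against the value above identifies exactly this file, while a repacked or otherwise modified build will match nothing here and needs the fuzzy hashes or behavioural analysis instead.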

Ransom.Sodinokibi.6 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware1
ClamAV: Win.Ransomware.Sodinokibi-6995593-0
Cybereason: malicious.ee6507
Cyren: W32/Damaged_File.E.gen!Eldorado
APEX: Malicious
Cynet: Malicious (score: 100)
BitDefender: Gen:Variant.Ransom.Sodinokibi.6
MicroWorld-eScan: Gen:Variant.Ransom.Sodinokibi.6
Avast: Win32:CVE-2018-8453-E [Expl]
Ad-Aware: Gen:Variant.Ransom.Sodinokibi.6
Sophos: ML/PE-A
Comodo: Heur.Corrupt.PE@1z141z3
McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
FireEye: Generic.mg.a05f65eee650728d
Emsisoft: Gen:Variant.Ransom.Sodinokibi.6 (B)
GData: Gen:Variant.Ransom.Sodinokibi.6
Arcabit: Trojan.Ransom.Sodinokibi.6
Microsoft: Exploit:Win32/CVE-2018-8453.A
ALYac: Gen:Variant.Ransom.Sodinokibi.6
MAX: malware (ai score=80)
Zoner: Probably Heur.ExeHeaderL
Rising: Ransom.Sodinokibi!1.CB04 (CLASSIC)
SentinelOne: Static AI – Suspicious PE
AVG: Win32:CVE-2018-8453-E [Expl]
CrowdStrike: win/malicious_confidence_100% (D)

Two details in this list matter for analysis. Avast, AVG and Microsoft name the sample after CVE-2018-8453, the Win32k elevation-of-privilege vulnerability that Sodinokibi exploits to run with SYSTEM privileges, so the file carries an exploit as well as the encryptor. Cyren and Comodo report a damaged or corrupt PE, and the ep_bytes field above is empty; treat this stored copy as possibly truncated before relying on a sandbox detonation of it.

How to remove Ransom.Sodinokibi.6?

Before removal, disconnect the affected machine from the network so the ransomware cannot spread to shares or other hosts, and keep a copy of the ransom note and of the binary for incident response. Removing the binary stops further encryption but does not decrypt files that were already encrypted.

Ransom.Sodinokibi.6 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Press “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
