Ransom:MSIL/Crawl malicious file

Ransom:MSIL/Crawl is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom:MSIL/Crawl virus do?

  • Attempts to connect to a dead IP:Port (1 unique times)
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Network activity contains more than one unique useragent.
  • Attempts to modify proxy settings

Related domains:

www.rebategiant.com
edgedl.me.gvt1.com

How to identify Ransom:MSIL/Crawl?


File Info:

crc32: 97347791
md5: 1c04cff95194fe88f5749da3e6cacc79
name: 1C04CFF95194FE88F5749DA3E6CACC79.mlw
sha1: 41179d239a08601c9b5a718c5020fc7e9a5612cd
sha256: a4797a2e6ba660bf0cff5a07bcdbda7873cde050c6dc5bdf951302c51ddde700
sha512: 33c87f26cd44a49a2336b0b613f24dd0ded9d2b0457e15f5813526b23805e2058a75b146be289e3fda5a31765f5ca162ca51a5f7fa4890e5dbc06fa0aa863ebf
ssdeep: 24576:/P9UsV0xYhRl1TVfrJjC6wo5xZktjvkC79Caz4Y61onIOOk3miY9Ni6:/lx0xaTNl3xZUnNUYwKck3mbR
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Inbox.com, Inc.
FileVersion: 1.0.0.88
CompanyName: Inbox.com, Inc.
LegalTrademarks:
ProductName: RebateInformer
FileDescription: RebateInformer
OriginalFilename: RebateInf.exe
Translation: 0x0409 0x04b0

Ransom:MSIL/Crawl also known as:

Cylance: Unsafe
K7GW: Trojan ( 7000000f1 )
K7AntiVirus: Trojan ( 7000000f1 )
ESET-NOD32: a variant of Win32/Toolbar.Inbox.B potentially unwanted
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 99)
Sophos: Generic PUA EB (PUA)
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.BadFile.tc
FireEye: Generic.mg.1c04cff95194fe88
Emsisoft: Application.InstallBox (A)
SentinelOne: Static AI – Suspicious PE
Avira: PUA/Crawler.Gen
Microsoft: Ransom:MSIL/Crawl
SUPERAntiSpyware: PUP.RebateInformer/Variant
McAfee: Artemis!1C04CFF95194
VBA32: BScope.Trojan.AntiAV
Malwarebytes: Malware.AI.4133640981
Rising: Trojan.Generic@ML.89 (RDML:WJimRBHHl7LlbFoJNBaS8A)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Riskware/Inbox
AVG: Win32:Malware-gen

How to remove Ransom:MSIL/Crawl?

Ransom:MSIL/Crawl removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
