Should I remove “Ransom:MSIL/Cryptolocker.EX!MTB”?

Ransom:MSIL/Cryptolocker.EX!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom:MSIL/Cryptolocker.EX!MTB virus do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Ransom:MSIL/Cryptolocker.EX!MTB?


File Info:

crc32: E0D33DE3
md5: 1f8dc15094e0bea96ac69496d8992ccc
name: 1F8DC15094E0BEA96AC69496D8992CCC.mlw
sha1: 5d02fd5f2fde0339920674f558889edf0db54881
sha256: 35aba016885bb62f6100c1197f8ab5ab6c1b1f33d915cd715fd7809e6d1609d5
sha512: b28b40e56b3c7f921465ade90012f380e7ae26f7a779a2d5ad83330df2a54bfc3f2e42473cb183764a60f2289a897f5affd720d1c49ee91e63d942e9160d9bea
ssdeep: 192:PUQPvG1i2yG6BekPv26SBrV+wG98dzYcLePgvJsM:PbPvEi2V6fsTG9iYcLWF
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2021
Assembly Version: 1.0.4.0
InternalName: CrackGen.exe
FileVersion: 1.0.4.0
CompanyName:
LegalTrademarks:
Comments:
ProductName: CrackGen
ProductVersion: 1.0.4.0
FileDescription: CrackGen
OriginalFilename: CrackGen.exe

Ransom:MSIL/Cryptolocker.EX!MTB also known as:

K7AntiVirus: Trojan ( 005816771 )
Lionic: Trojan.Win32.Bulz.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
ALYac: Gen:Variant.Bulz.617795
Cylance: Unsafe
Alibaba: Trojan:MSIL/Filecoder.5fe21bc5
K7GW: Trojan ( 005816771 )
Cyren: W32/Wacapew.AZ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Filecoder.AKU
APEX: Malicious
Avast: Win32:MalwareX-gen [Trj]
BitDefender: Gen:Variant.Bulz.617795
MicroWorld-eScan: Gen:Variant.Bulz.617795
Tencent: Win32.Trojan.Bulz.Ebrp
Ad-Aware: Gen:Variant.Bulz.617795
Sophos: Mal/Generic-S
TrendMicro: Ransom_Cryptolocker.R011C0DIG21
McAfee-GW-Edition: GenericRXPT-ON!1F8DC15094E0
FireEye: Gen:Variant.Bulz.617795
Emsisoft: Gen:Variant.Bulz.617795 (B)
Avira: TR/Ransom.xejir
Microsoft: Ransom:MSIL/Cryptolocker.EX!MTB
Arcabit: Trojan.Bulz.D96D43
GData: Gen:Variant.Bulz.617795
AhnLab-V3: Trojan/Win.Generic.C4605072
McAfee: GenericRXPT-ON!1F8DC15094E0
MAX: malware (ai score=81)
Malwarebytes: Ransom.FileCryptor
TrendMicro-HouseCall: Ransom_Cryptolocker.R011C0DIG21
Ikarus: Trojan-Spy.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: PossibleThreat
AVG: Win32:MalwareX-gen [Trj]

How to remove Ransom:MSIL/Cryptolocker.EX!MTB?

Ransom:MSIL/Cryptolocker.EX!MTB removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
