Ransom:MSIL/HiddenTear.A!MTB removal guide

Ransom:MSIL/HiddenTear.A!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom:MSIL/HiddenTear.A!MTB virus do?

  • Network activity detected but not expressed in API logs

How to identify Ransom:MSIL/HiddenTear.A!MTB?


File Info:

crc32: 6FEE23DF
md5: 03ee32472599871f56360329181007d0
name: 03EE32472599871F56360329181007D0.mlw
sha1: 8d03000993aa4f1dc06b75db5d7adadb41a87e13
sha256: 5d244d407fdc0f5927557516b57ed808a8123c27c0d8b66b8f12697d4f2ec6db
sha512: 732362f546c349ef0154af6ff6697b6e83cb4f739d83fd76e1a1292f30b394a2baf754b003fbd0907e17bb96ac34b3d94029c6158bfc03506a9432dfcca689fa
ssdeep: 1536:Be3aE6gsiIFfl5eNHofLbQ9HrvRD/ADLwnNCulDlz10V+FPjAQ:hEyl5uubQ9r9FCuhZ10cFPjr
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2017
Assembly Version: 1.0.0.0
InternalName: MSProtect.exe
FileVersion: 1.0.0.0
CompanyName: MS Sistemas
LegalTrademarks:
Comments: MS Proteção de Arquivos
ProductName: MSProtect
ProductVersion: 1.0.0.0
FileDescription: MSProtect
OriginalFilename: MSProtect.exe

Ransom:MSIL/HiddenTear.A!MTB also known as:

Elastic: malicious (high confidence)
ALYac: Generic.Ransom.Hiddentear.A.4BD2F390
Sangfor: Trojan.Win32.Save.a
BitDefender: Generic.Ransom.Hiddentear.A.4BD2F390
Cybereason: malicious.725998
APEX: Malicious
Kaspersky: HEUR:Trojan-Ransom.MSIL.Agent.gen
MicroWorld-eScan: Generic.Ransom.Hiddentear.A.4BD2F390
Ad-Aware: Generic.Ransom.Hiddentear.A.4BD2F390
FireEye: Generic.Ransom.Hiddentear.A.4BD2F390
Emsisoft: Generic.Ransom.Hiddentear.A.4BD2F390 (B)
Microsoft: Ransom:MSIL/HiddenTear.A!MTB
ZoneAlarm: HEUR:Trojan-Ransom.MSIL.Agent.gen
GData: Generic.Ransom.Hiddentear.A.4BD2F390
MAX: malware (ai score=86)
Malwarebytes: Ransom.FileCryptor
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: MSIL/Filecoder.1E42!tr.ransom

How to remove Ransom:MSIL/HiddenTear.A!MTB?

Ransom:MSIL/HiddenTear.A!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
