Ransom:Win32/Genasom.IN malicious file

Ransom:Win32/Genasom.IN is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom:Win32/Genasom.IN virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Sample contains Overlay data
  • Unconventionial language used in binary resources: Russian
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Ransom:Win32/Genasom.IN?


File Info:

name: B8D1160966BF7471E2C2.mlw
path: /opt/CAPEv2/storage/binaries/00e7d17872f55958c860f87c5bcc44f7947735a5f516f93f9fb611cd3b66cced
crc32: 4F9AB7A3
md5: b8d1160966bf7471e2c2f068385fbfe2
sha1: 6a0777d19144f0af3e96f8026bac469435a55547
sha256: 00e7d17872f55958c860f87c5bcc44f7947735a5f516f93f9fb611cd3b66cced
sha512: fd9a46318e3e45f0846dfe357db3a06a62c42b78b38e1d776025b5e69384bfcdc0b4c730b7d7a5cf9225cb9acd483091781f93031b628a4fdeaf7d3a2eebae98
ssdeep: 768:qs6Jr2rTi31prirL1CiZkCzc9cHKjEtiko8FXAIAOW1yP9aQtbu:tF/iFprq1CwkCVHltw+wIAt1yP9aQM
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A8536B5A3853C0B3E4064575868686C11FBF6D133AEB542FFF94114E9EF128849BAAF2
sha3_384: b92c71a637b9e9bc2bdc79cc7255e316818fa73eab8aff474b1fede5911e0020ddda576eb7ac2dd6f9de80fdf6fd7e42
ep_bytes: e85a170000e916feffff558bec81ec28
timestamp: 2012-06-12 02:48:15

Version Info:

0: [No Data]

Ransom:Win32/Genasom.IN also known as:

Lionic Trojan.Win32.Generic.lyNC
DrWeb Trojan.Winlock.6027
MicroWorld-eScan Gen:Variant.Zusy.9040
FireEye Generic.mg.b8d1160966bf7471
CAT-QuickHeal Trojan.Vundo.Gen
McAfee Artemis!B8D1160966BF
Cylance Unsafe
Zillya Trojan.Gimemo.Win32.2503
Sangfor Trojan.Win32.Zusy.frzc
K7AntiVirus Spyware ( 002edad51 )
Alibaba Ransom:Win32/Genasom.e94e0416
K7GW Spyware ( 002edad51 )
Cybereason malicious.966bf7
BitDefenderTheta Gen:NN.ZexaF.34582.dqY@ayIghKhk
VirIT Trojan.Win32.Generic.BPZF
Cyren W32/Zbot.EW.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 Win32/SpyVoltar.A
TrendMicro-HouseCall TROJ_SPNR.30BI13
Paloalto generic.ml
ClamAV Win.Trojan.Agent-624885
Kaspersky HEUR:Trojan.Win32.Generic
BitDefender Gen:Variant.Zusy.9040
NANO-Antivirus Trojan.Win32.Gimemo.sthul
Avast Win32:Buterat-MR [Trj]
Tencent Malware.Win32.Gencirc.10c3a438
Ad-Aware Gen:Variant.Zusy.9040
Emsisoft Gen:Variant.Zusy.9040 (B)
Comodo Malware@#1ueiagajliiv9
VIPRE Gen:Variant.Zusy.9040
TrendMicro TROJ_SPNR.30AE13
McAfee-GW-Edition BehavesLike.Win32.Generic.kh
Sophos Mal/Generic-S
Ikarus Backdoor.Win32.Buterat
GData Gen:Variant.Zusy.9040
Jiangmin Trojan/Gimemo.ckn
Webroot W32.Trojan.Gen
Avira TR/Crypt.XPACK.Gen7
MAX malware (ai score=100)
Antiy-AVL Trojan/Generic.ASMalwS.294
ViRobot Trojan.Win32.A.Gimemo.62980
Microsoft Ransom:Win32/Genasom.IN
Cynet Malicious (score: 99)
ALYac Gen:Variant.Zusy.9040
Malwarebytes Malware.AI.3797926622
APEX Malicious
Rising Trojan.Generic@AI.83 (RDML:hVd6PFMpojbEHFCUDnsVZA)
Yandex Trojan.GenAsa!qzB1zZc+55c
MaxSecure Trojan.Malware.4328208.susgen
Fortinet W32/SpyVoltar.A!tr
AVG Win32:Buterat-MR [Trj]
Panda Generic Malware
CrowdStrike win/malicious_confidence_100% (W)

How to remove Ransom:Win32/Genasom.IN?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
