
Ransom:Win32/Molock.A!bit removal tips


Many security experts consider Ransom:Win32/Molock.A!bit dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Ransom:Win32/Molock.A!bit virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Likely installs a bootkit via raw harddisk modifications
  • Attempts to restart the guest VM
  • Network activity detected but not expressed in API logs

How to identify Ransom:Win32/Molock.A!bit?


File Info:

crc32: 3A21000D
md5: 3065136a889dec358b37e44a6f8bcc30
name: 3065136A889DEC358B37E44A6F8BCC30.mlw
sha1: a521edf95187fc010579cfb7d60a382a5d15ab89
sha256: 570bfa1c8d36ed350ad5041c7539c4988a6149f581ba3adeafa7f52ee77f68cc
sha512: 4157c37226585b8032986ddecee44fb57610e23c9646b186fdf16626e5532f2d99ee03a03a7b277974c80ff53d666aa35a7a3b827eac58a4a0f7783908f29baa
ssdeep: 12288:pz9WeBneuUGNG/MC86kdOlEQbKKeqbJBLBkAZTz68:pzYYnRUIGC6sQEQbNbPZTzn
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: www.xiaodao.la
FileVersion: 1.0.0.0
CompanyName: QQ：253957
Comments: www.xiaodao.la
ProductName: www.xiaodao.la
ProductVersion: 1.0.0.0
FileDescription: www.xiaodao.la
Translation: 0x0804 0x04b0

Ransom:Win32/Molock.A!bit also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Wsgame.51180
MicroWorld-eScan: Generic.Ransom.MBRLock.5CFCE7AE
CAT-QuickHeal: Trojan.GenericRI.S18564192
ALYac: Generic.Ransom.MBRLock.5CFCE7AE
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Win.Malware.Zusy-6840460-0
K7AntiVirus: Trojan ( 004f6c891 )
BitDefender: Generic.Ransom.MBRLock.5CFCE7AE
K7GW: Trojan ( 004f6c891 )
Cybereason: malicious.a889de
BitDefenderTheta: Gen:NN.ZexaF.34590.Rq0@aWNSIggb
Cyren: W32/Agent.EW.gen!Eldorado
Symantec: SMG.Heur!gen
ESET-NOD32: Win32/MBRlock.AQ
Zoner: Trojan.Win32.85323
TrendMicro-HouseCall: Ransom.Win32.MBRLOCKER.SM
Avast: Win32:Malware-gen
ClamAV: Win.Trojan.Generic-6629269-0
Kaspersky: Trojan-Ransom.Win32.Foreign.nbtp
NANO-Antivirus: Trojan.Win32.Agent.ecvuvb
Ad-Aware: Generic.Ransom.MBRLock.5CFCE7AE
TACHYON: Trojan/W32.Agent.712704.LI
Emsisoft: Generic.Ransom.MBRLock.5CFCE7AE (B)
Comodo: Worm.Win32.Dropper.RA@1qraug
F-Secure: Trojan.TR/Foreign.tsbr
Zillya: Trojan.GenericKD.Win32.7287
TrendMicro: Ransom.Win32.MBRLOCKER.SM
McAfee-GW-Edition: BehavesLike.Win32.Dropper.jh
FireEye: Generic.mg.3065136a889dec35
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.MBRlock
Jiangmin: Trojan.Foreign.aws
eGambit: Unsafe.AI_Score_99%
Avira: TR/Foreign.tsbr
Antiy-AVL: GrayWare/Win32.FlyStudio.a
Microsoft: Ransom:Win32/Molock.A!bit
Gridinsoft: Trojan.Win32.Gen.bot!i
Arcabit: Generic.Ransom.MBRLock.5CFCE7AE
ZoneAlarm: Trojan-Ransom.Win32.Foreign.nbtp
GData: Win32.Trojan-Ransom.Molock.A
Cynet: Malicious (score: 100)
AhnLab-V3: Malware/Gen.RL_Generic.R366962
Acronis: suspicious
McAfee: GenericRXES-GN!3065136A889D
MAX: malware (ai score=81)
VBA32: Hoax.Foreign
Malwarebytes: Trojan.MalPack.FlyStudio
APEX: Malicious
Rising: Ransom.MBRlock!1.B6DC (KTSE)
Yandex: Trojan.Foreign!L4ceLLO5LDA
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/MBRlock.AQ!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (W)
Qihoo-360: Win32/Trojan.Foreign.HwcBgFMA

How to remove Ransom:Win32/Molock.A!bit?

Ransom:Win32/Molock.A!bit removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
