Categories: Ransom

Should I remove “Ransom:Win32/PlayCrypt.PA!MTB”?

The Ransom:Win32/PlayCrypt.PA!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Ransom:Win32/PlayCrypt.PA!MTB virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Authenticode signature is invalid
  • Exhibits possible ransomware file modification behavior

How to identify Ransom:Win32/PlayCrypt.PA!MTB?


File Info:

name: 6D4F93DCE13AA48BBE04.mlw
path: /opt/CAPEv2/storage/binaries/24c4099ad588f1fd6fd092a9f1e11c102474b7b84bbcc4309eb96e235f32734e
crc32: A58562B3
md5: 6d4f93dce13aa48bbe04132459b5ed3b
sha1: 13c8a51b5ae086d9fcbf7158235446bacb2e6d64
sha256: 24c4099ad588f1fd6fd092a9f1e11c102474b7b84bbcc4309eb96e235f32734e
sha512: e6b13b8e74ad3753b0d73a45089f0dd0864235bef2b47fd3ef85a2e3ce7043696092d27a5b027d92c0cc917246052aaa95752bcb15261cbef23f157831a22a64
ssdeep: 3072:ElCgCkdiuezfR7uZO13PEzeotYgw0GUXl2bxW1/9JLdC/fhKJ2yhnDuG:dgXyuE0zcUV2K91GEnnX
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10A048D25A7A3D176EA72053425E59FF5CA2839300B0189EBA7801F7969385F2E135F3F
sha3_384: 21d96d9e38a1709bd9f62eca42d15ec61916ea679ac74dd098bfdc79e0af4c290973a28ae574519f30ec37f4d3b8782f
ep_bytes: e8ec020000e97afeffff558beca104b0
timestamp: 2022-08-11 06:08:46

Version Info:

0: [No Data]

Ransom:Win32/PlayCrypt.PA!MTB also known as:

Bkav W32.AIDetect.malware2
Cynet Malicious (score: 100)
FireEye Generic.mg.6d4f93dce13aa48b
McAfee GenericRXTX-CG!6D4F93DCE13A
Cylance Unsafe
VIPRE Gen:Variant.Fragtor.128395
Sangfor Trojan.Win32.Save.a
BitDefender Gen:Variant.Fragtor.128395
Cyren W32/Filecoder.DP.gen!Eldorado
Symantec ML.Attribute.HighConfidence
Elastic malicious (high confidence)
ESET-NOD32 a variant of Win32/Filecoder.OLT
APEX Malicious
Kaspersky Trojan-Ransom.Win32.Agent.bard
NANO-Antivirus Trojan.Win32.FileCoder.jrlveh
MicroWorld-eScan Gen:Variant.Fragtor.128395
Avast Win32:RansomX-gen [Ransom]
Ad-Aware Gen:Variant.Fragtor.128395
Emsisoft Gen:Variant.Fragtor.128395 (B)
TrendMicro Ransom_PlayCrypt.R06CC0DHF22
Sophos ML/PE-A
GData Gen:Variant.Fragtor.128395
Antiy-AVL Trojan/Generic.ASMalwS.1D6F
Arcabit Trojan.Fragtor.D1F58B
ZoneAlarm Trojan-Ransom.Win32.Agent.bard
Microsoft Ransom:Win32/PlayCrypt.PA!MTB
Google Detected
AhnLab-V3 Trojan/Win.Generic.C5217612
ALYac Gen:Variant.Fragtor.128395
MAX malware (ai score=88)
Malwarebytes Malware.AI.4139276920
TrendMicro-HouseCall Ransom_PlayCrypt.R06CC0DHF22
Rising Trojan.Generic@AI.91 (RDML:aFuoD3wGhT/VyhOHjI2NoQ)
Yandex Trojan.GenAsa!DS+xdKjbUw0
SentinelOne Static AI – Suspicious PE
BitDefenderTheta Gen:NN.ZexaF.34606.lqW@aa!!A3b
AVG Win32:RansomX-gen [Ransom]
Panda Trj/GdSda.A

How to remove Ransom:Win32/PlayCrypt.PA!MTB?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
