Ransom:Win32/Sagecrypt.A!rsm removal tips

The Ransom:Win32/Sagecrypt.A!rsm is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Ransom:Win32/Sagecrypt.A!rsm virus can do?

The binary likely contains encrypted or compressed data.

How to determine Ransom:Win32/Sagecrypt.A!rsm?


File Info:
crc32: 8A92CDBB
md5: 49d3bd23516742a7eb181c03e6e85cb9
name: 49D3BD23516742A7EB181C03E6E85CB9.mlw
sha1: 90080d33bd24451b0e8bb5a173931b0ae70b50b0
sha256: 97eeeb6917a42e163f8b8aad8454537b998a7ca44afe2b1f03f2954beba52308
sha512: 9e5bd94300d6e2469039d768fffe021d3ecd6b8ffe3f54eb17d4e825089f21935f9b8278e5ed27a5199dd29dbed2384b2caf3b9f691e73671b1420c67b20d042
ssdeep: 6144:jTTBEPZ8cTv2qjuCf6Tt+W9k7fA58Uo2lLNLbiY:fWR72Ofy9GW8Ni52Y
type: MS-DOS executable, MZ for MS-DOS

Version Info:
0: [No Data]

Ransom:Win32/Sagecrypt.A!rsm also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0052964f1 )
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
ALYac	Gen:Trojan.Heur.GM.0104012002
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Ransom:Win32/SageCrypt.987aa152
K7GW	Trojan ( 0052964f1 )
Cybereason	malicious.351674
Symantec	Ransom.Cry!gm
ESET-NOD32	a variant of Generik.LABZKYZ
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	Trojan-Ransom.Win32.SageCrypt.dxn
BitDefender	Gen:Trojan.Heur.GM.0104012002
NANO-Antivirus	Trojan.Win32.SageCrypt.evyrzd
MicroWorld-eScan	Gen:Trojan.Heur.GM.0104012002
Tencent	Win32.Trojan.Sagecrypt.Pgdf
Ad-Aware	Gen:Trojan.Heur.GM.0104012002
Sophos	Mal/Generic-S
Comodo	Malware@#3efnwb6akrv78
BitDefenderTheta	AI:Packer.778392D71D
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom_Sagecrypt.R002C0CK520
McAfee-GW-Edition	BehavesLike.Win32.Generic.dc
FireEye	Generic.mg.49d3bd23516742a7
Emsisoft	Gen:Trojan.Heur.GM.0104012002 (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.SageCrypt.nc
Avira	TR/Crypt.XPACK.Gen
Microsoft	Ransom:Win32/Sagecrypt.A!rsm
AegisLab	Trojan.Multi.Generic.4!c
GData	Gen:Trojan.Heur.GM.0104012002
Acronis	suspicious
McAfee	Generic.cwu
MAX	malware (ai score=97)
VBA32	Hoax.SageCrypt
Malwarebytes	Malware.Heuristic.1003
Panda	Trj/CI.A
TrendMicro-HouseCall	Ransom_Sagecrypt.R002C0CK520
Rising	Ransom.Sagecrypt!8.E42C (CLOUD)
Yandex	Trojan.SageCrypt!ZG3S0p0rTNU
Ikarus	Trojan.SuspectCRC
Fortinet	W32/SageCrypt.DXN!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win32/Ransom.SageCryp.HxIBGFsA

How to remove Ransom:Win32/Sagecrypt.A!rsm?

Ransom:Win32/Sagecrypt.A!rsm removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X