Ransom:Win32/Sodinokibi information

Malware Removal

The Ransom:Win32/Sodinokibi is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

ribbon

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
THANK YOU!
DOWNLOAD NOW
On Going Offer

What Ransom:Win32/Sodinokibi virus can do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to determine Ransom:Win32/Sodinokibi?


File Info:

crc32: 200D3BBB
md5: 286866a27144c77662f6815b5e4af8f8
name: huiak.exe
sha1: 30a33d532158c85133d735d809ea17a5de0bf611
sha256: 8beb6c16ab100955c56f1a565a7a416fcbd72e9394b591c0e328a8bc41c5c5bb
sha512: 9fe275d07eb27bfe4124c2a5238e2ca925b3a58e26b43fc6ad4c0e864f4995dddde1fd8ae62a402b3798e3a5d31084dead67fc34abf5ae0a45816b96a198eceb
ssdeep: 384:PaYCS3+cFy848r3pqlWSXeMjGneDXK45a2P5zXial7OPCE:PnH3R0848r3pq99zDa4F5zDi
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

LegalCopyright: Copyright 2013 Adobe Systems Incorporated. All rights reserved.
InternalName: dvaaudiodevice
FileVersion: 7.0.0.0
CompanyName: Adobe Systems Incorporated
Build Number: 0
ProductName: DVA Product
ProductVersion: 7.0.0
FileDescription: DVA Product
OriginalFilename: dvaaudiodevice.dll
Translation: 0x0409 0x04b0

Ransom:Win32/Sodinokibi also known as:

MicroWorld-eScanGen:Variant.Razy.620138
McAfeeArtemis!286866A27144
CylanceUnsafe
AegisLabTrojan.Win32.Razy.4!c
SangforMalware
K7AntiVirusTrojan-Downloader ( 00561bae1 )
BitDefenderGen:Variant.Razy.620138
K7GWTrojan-Downloader ( 00561bae1 )
TrendMicroTROJ_GEN.R002C0PCA20
SymantecTrojan.Gen.2
APEXMalicious
AvastWin32:DropperX-gen [Drp]
GDataGen:Variant.Razy.620138
KasperskyHEUR:Trojan-Spy.MSIL.Stealer.gen
AlibabaTrojanSpy:MSIL/Stealer.b6435c25
NANO-AntivirusTrojan.Win32.Stealer.henhxe
TencentMsil.Trojan-downloader.Agent.Hrfk
EmsisoftGen:Variant.Razy.620138 (B)
F-SecureHeuristic.HEUR/AGEN.1046951
DrWebTrojan.KillProc2.9167
ZillyaDownloader.Agent.Win32.402710
Invinceaheuristic
McAfee-GW-EditionRDN/Generic Downloader.x
Trapminesuspicious.low.ml.score
FireEyeGeneric.mg.286866a27144c776
SophosMal/Generic-S
IkarusTrojan-Downloader.MSIL.Agent
CyrenW32/Trojan.FVOH-3669
JiangminTrojanSpy.MSIL.ansd
AviraHEUR/AGEN.1046951
WebrootW32.Trojan.MSIL.Stealer
MAXmalware (ai score=82)
Antiy-AVLTrojan[Downloader]/MSIL.Agent
ArcabitTrojan.Razy.D9766A
ZoneAlarmHEUR:Trojan-Spy.MSIL.Stealer.gen
MicrosoftRansom:Win32/Sodinokibi
VBA32TScope.Trojan.MSIL
ALYacGen:Variant.Razy.620138
Ad-AwareGen:Variant.Razy.620138
PandaTrj/GdSda.A
ESET-NOD32a variant of MSIL/TrojanDownloader.Agent.GAO
TrendMicro-HouseCallTROJ_GEN.R002C0PCA20
RisingSpyware.Stealer!8.3090 (CLOUD)
SentinelOneDFI – Malicious PE
FortinetMSIL/Agent.GAL!tr
BitDefenderThetaGen:NN.ZemsilF.34100.bm0@ayvfutpi
AVGWin32:DropperX-gen [Drp]
Paloaltogeneric.ml
CrowdStrikewin/malicious_confidence_80% (W)
Qihoo-360Generic/Trojan.6f3

How to remove Ransom:Win32/Sodinokibi?

Ransom:Win32/Sodinokibi removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment