Ransom:Win32/Tescrypt.D malicious file

Ransom:Win32/Tescrypt.D is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Ransom:Win32/Tescrypt.D virus do?

  • Unconventional language used in binary resources: Rhaeto (Romance)
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Ransom:Win32/Tescrypt.D?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Ransom:Win32/Tescrypt.D also known as:

Bkav: W32.FamVT.RazyNHmC.Trojan
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Lethic.Gen.14
FireEye: Generic.mg.6dd17acf387b5b72
CAT-QuickHeal: Ransom.Tescrypt.A4
McAfee: Ransom-Tescrypt!6DD17ACF387B
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
BitDefender: Trojan.Lethic.Gen.14
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.f387b5
BitDefenderTheta: Gen:NN.ZexaF.34590.vqW@aygqIWnO
Cyren: W32/Rovnix.C.gen!Eldorado
Symantec: Packed.Generic.521
ESET-NOD32: a variant of Win32/Kryptik.EQFO
Baidu: Win32.Trojan.Kryptik.aio
APEX: Malicious
Avast: Win32:Mutex-A [Trj]
ClamAV: Win.Ransomware.Lethic-7552762-0
Kaspersky: HEUR:Trojan.Win32.Generic
NANO-Antivirus: Trojan.Win32.Encoder.eauonc
AegisLab: Trojan.Win32.Bitman.j!c
Rising: Ransom.Tescrypt!8.3AF (CLOUD)
Ad-Aware: Trojan.Lethic.Gen.14
Emsisoft: Trojan.Lethic.Gen.14 (B)
Comodo: TrojWare.Win32.Yakes.QFO@6b53ea
F-Secure: Heuristic.HEUR/AGEN.1115790
DrWeb: Trojan.Encoder.4084
Zillya: Trojan.Bitman.Win32.1995
TrendMicro: Ransom_CRYPTESLA.SMA6
McAfee-GW-Edition: BehavesLike.Win32.Generic.fh
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Bitman.qj
eGambit: Unsafe.AI_Score_99%
Avira: HEUR/AGEN.1115790
MAX: malware (ai score=80)
Antiy-AVL: Trojan[Ransom]/Win32.Bitman
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Ransom:Win32/Tescrypt.D
Arcabit: Trojan.Lethic.Gen.14
SUPERAntiSpyware: Trojan.Agent/Gen-Ransom
AhnLab-V3: Trojan/Win32.Upbot.C1344612
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Lethic.Gen.14
Cynet: Malicious (score: 100)
VBA32: Malware-Cryptor.Limpopo
ALYac: Trojan.Lethic.Gen.14
Malwarebytes: Generic.Malware/Suspicious
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Ransom_CRYPTESLA.SMA6
Tencent: Malware.Win32.Gencirc.10c00f19
Yandex: Trojan.GenAsa!OhSn9BvncxE
Ikarus: Trojan-Ransom.TeslaCrypt
Fortinet: W32/Kryptik.EQFO!tr
Webroot: W32.Trojan.Gen
AVG: Win32:Mutex-A [Trj]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: Generic/Trojan.16d

How to remove Ransom:Win32/Tescrypt.D?

Ransom:Win32/Tescrypt.D removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
