Symmi.72872 (B) malicious file

Symmi.72872 (B) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Symmi.72872 (B) virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • A process created a hidden window
  • Creates an excessive number of UDP connection attempts to external IP addresses
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Attempts to modify desktop wallpaper
  • Exhibits behavior characteristic of Cerber ransomware
  • Attempts to execute a binary from a dead or sinkholed URL
  • Exhibits possible ransomware file modification behavior
  • Writes a potential ransom message to disk
  • Creates a hidden or system file
  • EternalBlue behavior
  • Attempts to access Bitcoin/ALTCoin wallets
  • Generates some ICMP traffic
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify Symmi.72872 (B)?

File Info:

crc32: 26DCA041
md5: b0e94d86bdf72e82969b47357ba7e41b
name: B0E94D86BDF72E82969B47357BA7E41B.mlw
sha1: 71f8b486c37fe594c3878ba1a0ce8c22e6a81fd4
sha256: 5f36028341fb15efc0ea6c7c22ee77909be464dc37fa8ecd31005102c99c1b91
sha512: 1bd50780fe4a453200a469a294752cce8d492196d0e7b27cb08f09eada87fc0c045a85e3330270212c16e540bef0d3538472f4e2ca8a5a4ad81b63d9ffe9de5c
ssdeep: 6144:ZXmPLw17WynAdRXShRCSoSfRJd2ijsSazwZsHo0wlTyXc4t+/qemoNNozvX:4PLwgyn4RXShV5RJcUEwUoeMhqv
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

FileVersion: 9.1
CompanyName: WinAbility® Software Corporation
Translation: 0x0409 0x04b0

Symmi.72872 (B) also known as:

Elastic: malicious (high confidence)
FireEye: Generic.mg.b0e94d86bdf72e82
CAT-QuickHeal: Ransom.Cerber.A4
McAfee: Ransomware-CBER!B0E94D86BDF7
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Generic.4!c
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 005224381 )
K7GW: Trojan ( 0050974f1 )
CrowdStrike: win/malicious_confidence_100% (D)
BitDefenderTheta: Gen:NN.ZexaF.34590.1q1@a03bxtni
Cyren: W32/S-1af0e7f5!Eldorado
TrendMicro-HouseCall: Ransom_HPCERBER.SMALY5A
Avast: Win32:Malware-gen
Alibaba: Ransom:Win32/Cerber.eef95f3a
NANO-Antivirus: Trojan.Win32.Zerber.evilho
Rising: Trojan.Kryptik!1.AE9C (CLOUD)
Ad-Aware: Gen:Variant.Symmi.72872
Sophos: ML/PE-A + Mal/Cerber-B
Comodo: TrojWare.Win32.Ransom.Cerber.FJ@6wjqwh
F-Secure: Heuristic.HEUR/AGEN.1105907
DrWeb: Trojan.Siggen7.33488
Zillya: Trojan.Zerber.Win32.3945
McAfee-GW-Edition: BehavesLike.Win32.Adopshel.ct
Emsisoft: Gen:Variant.Symmi.72872 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.fmwii
Avira: HEUR/AGEN.1105907
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Win32.SGeneric
Microsoft: Ransom:Win32/Cerber
Arcabit: Trojan.Symmi.D11CA8
ZoneAlarm: HEUR:Trojan.Win32.Generic
Cynet: Malicious (score: 100)
AhnLab-V3: Win-Trojan/Cerber.Gen
Acronis: suspicious
VBA32: BScope.TrojanDownloader.Dridex
ALYac: Gen:Variant.Symmi.72872
Malwarebytes: Malware.AI.3527749414
Panda: Trj/GdSda.A
APEX: Malicious
Tencent: Malware.Win32.Gencirc.10b68fd5
Yandex: Trojan.GenAsa!L81G3n7pOxo
Ikarus: Trojan-Ransom.Cerber
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Kryptik.HJJV!tr
AVG: Win32:Malware-gen
Cybereason: malicious.6bdf72
Paloalto: generic.ml

How to remove Symmi.72872 (B)?

Symmi.72872 (B) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.