Trojan.CryptRedol.Gen.4 malicious file

Trojan.CryptRedol.Gen.4 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.CryptRedol.Gen.4 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • At least one process apparently crashed during execution
  • Creates RWX memory
  • Unconventional binary language: Russian
  • Unconventional language used in binary resources: Russian
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Trojan.CryptRedol.Gen.4?

File Info:

name: 58779C22A4982D75CECE.mlw
path: /opt/CAPEv2/storage/binaries/ddc078f6c0281622903ade8b16578b7d1cc21f6ed459beb57b174283feca2b49
crc32: DE134BA8
md5: 58779c22a4982d75ceceaf9523921341
sha1: e0303cf391f62824fded33221e0aca998d352cd9
sha256: ddc078f6c0281622903ade8b16578b7d1cc21f6ed459beb57b174283feca2b49
sha512: 232ba4354832b27b33eaf6292ac48caefbbabdbdcd611afcace6e4bb4b1046044d67206098d17a177d1202facf01bc5a0b92d9493e4734bb20fe49cc4bbc79de
ssdeep: 12288:ZF6zNP/veODeIIEFUz7pVE/I2ME93stMEcHRsex9e5ok2upllj6Mv:ZF6zpvbpIEevE93stTcH3x9+ognjZ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T157C423DA606F395ACCA8EF7B1019E47E86D7A0C313E7F9B9416031279993C68C9CD4C9
sha3_384: f44b50655c95bb0033e22c959ca5c14dcb387d8655bc9a3fa549a0a595e229edb94b6c827ae8be2b173ef6bb34023901
ep_bytes: e9000000000f9fc764a13000000066be
timestamp: 2009-03-17 10:55:04

Version Info:

CompanyName: Корпорация Майкрософт
FileDescription: Блокнот
FileVersion: 5.1.2600.5512 (xpsp.080413-2105)
InternalName: Notepad
LegalCopyright: © Корпорация Майкрософт. Все права защищены.
OriginalFilename: NOTEPAD.EXE
ProductName: Операционная система Microsoft® Windows®
ProductVersion: 5.1.2600.5512
Translation: 0x0419 0x04b0

Trojan.CryptRedol.Gen.4 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Generic.lr7H
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.CryptRedol.Gen.4
FireEye: Generic.mg.58779c22a4982d75
McAfee: PWS-Zbot.d
Cylance: Unsafe
Zillya: Trojan.Zbot.Win32.3807
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 000a544b1 )
Alibaba: TrojanPSW:Win32/EncPk.baca2132
K7GW: Trojan ( 000a544b1 )
Cybereason: malicious.2a4982
BitDefenderTheta: AI:Packer.A1D21A7C1F
VirIT: Trojan.Win32.FakeAlert.KG
Cyren: W32/Trojan.CWFN-3646
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Spy.Zbot.JF
TrendMicro-HouseCall: TROJ_ZBOT.BBZ
Paloalto: generic.ml
ClamAV: Win.Trojan.Zbot-4713
Kaspersky: Packed.Win32.Zack.a
BitDefender: Trojan.CryptRedol.Gen.4
NANO-Antivirus: Trojan.Win32.Zbot.owkn
SUPERAntiSpyware: Trojan.Agent/Gen-Sinar
APEX: Malicious
Tencent: Win32.Packed.Zack.Swlb
Ad-Aware: Trojan.CryptRedol.Gen.4
Emsisoft: Trojan.CryptRedol.Gen.4 (B)
Comodo: TrojWare.Win32.Spy.Zbot.ACI@1rymmb
DrWeb: Trojan.PWS.Panda.114
VIPRE: Trojan-Spy.Win32.Zbot.srz (v)
TrendMicro: TROJ_ZBOT.BBZ
McAfee-GW-Edition: BehavesLike.Win32.Trojan.hc
Sophos: Mal/Generic-R + Mal/EncPk-IB
Ikarus: Packer.Win32.Zack
GData: Trojan.CryptRedol.Gen.4
Jiangmin: Trojan/Zbot.y
Webroot: W32.InfoStealer.Zeus
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=99)
Antiy-AVL: Trojan/Generic.ASMalwS.E1F2F
Arcabit: Trojan.CryptRedol.Gen.4
ViRobot: Trojan.Win32.Agent.70656.J
ZoneAlarm: Packed.Win32.Zack.a
Microsoft: PWS:Win32/Zbot.PG
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Zbot.R3341
Acronis: suspicious
VBA32: Trojan.Zeus.EA.01000
ALYac: Trojan.CryptRedol.Gen.4
Avast: Win32:MalOb-AM [Cryp]
Rising: Trojan.Spy.Win32.Agent.eqr (CLOUD)
Yandex: Trojan.GenAsa!uxfBLVkbLI0
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.14684.susgen
Fortinet: W32/Kryptik!tr
AVG: Win32:MalOb-AM [Cryp]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Trojan.CryptRedol.Gen.4?

Trojan.CryptRedol.Gen.4 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
