What is “Trojan.Generic.6104163”?

Trojan.Generic.6104163 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Generic.6104163 virus do?

  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Attempts to modify Explorer settings to prevent hidden files from being displayed
  • Yara detections observed in process dumps, payloads or dropped files

How to identify Trojan.Generic.6104163?


File Info:

name: F1475B17F0CB7A06FBFF.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Trojan.Generic.6104163 also known as:

AVG: Win32:LockScreen-AHV [Trj]
Elastic: malicious (moderate confidence)
MicroWorld-eScan: Trojan.Generic.6104163
FireEye: Generic.mg.f1475b17f0cb7a06
CAT-QuickHeal: Ransom.Weenloc.A8
Skyhigh: Trojan-FAZX!0638431B9E62
McAfee: GenericRXAA-AA!F1475B17F0CB
Cylance: unsafe
Zillya: Trojan.Fullscreen.Win32.36
Sangfor: Ransom.Win32.Save.a
Alibaba: Ransom:Win32/Blocker.26e4ae68
K7GW: Ransomware ( 0039911e1 )
K7AntiVirus: Ransomware ( 0039911e1 )
Baidu: Win32.Trojan.LockScreen.b
VirIT: Trojan.Win32.Generic.NEI
Symantec: Trojan.Ransomlock
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/LockScreen.AGU
Cynet: Malicious (score: 99)
APEX: Malicious
Avast: Win32:LockScreen-AHV [Trj]
ClamAV: Win.Ransomware.Fullscreen-7347612-0
Kaspersky: Trojan-Ransom.Win32.Blocker.jzec
BitDefender: Trojan.Generic.6104163
NANO-Antivirus: Trojan.Win32.Ransom.crnep
SUPERAntiSpyware: Trojan.Agent/Gen-Ransom
Tencent: Trojan-Ransom.Win32.Blocker.jzec
Emsisoft: Trojan.Generic.6104163 (B)
F-Secure: Dropper.DR/Delphi.Gen4
DrWeb: Trojan.Winlock.3333
VIPRE: Trojan.Generic.6104163
TrendMicro: Ransom_WINLOCK.SM
Trapmine: suspicious.low.ml.score
Sophos: Mal/Ransom-AI
Paloalto: generic.ml
GData: Trojan.Generic.6104163
Jiangmin: Trojan/Fullscreen.ak
Webroot: W32.Trojan.Gen
Varist: W32/Trojan.GDVD-7096
Avira: DR/Delphi.Gen4
MAX: malware (ai score=88)
Antiy-AVL: Trojan[Ransom]/Win32.Birele
Xcitium: TrojWare.Win32.Ransom.Fullscreen.fgt@4t6ar8
Arcabit: Trojan.Generic.D5D2463
ZoneAlarm: Trojan-Ransom.Win32.Blocker.jzec
Microsoft: Trojan:Win32/Wacatac.A!ml
Google: Detected
AhnLab-V3: Trojan/Win32.Winlock.C134008
VBA32: TrojanRansom.Blocker
ALYac: Trojan.Generic.6104163
TACHYON: Ransom/W32.DP-PornoAsset.407040
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Ransom_WINLOCK.SM
Rising: Trojan.Win32.Weenloc.a (CLOUD)
Yandex: Trojan.GenAsa!EkA5wRxKoJY
Ikarus: Trojan-Ransom.Birele
Fortinet: W32/LockScreen.AGU!tr
BitDefenderTheta: Gen:NN.ZelphiF.36804.jmGfaOAqoQfI
DeepInstinct: MALICIOUS
alibabacloud: RansomWare:Win/Lockscreen

How to remove Trojan.Generic.6104163?

Trojan.Generic.6104163 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
