Ransom Trojan

Trojan.Ransom.AJD malicious file

Malware Removal

Trojan.Ransom.AJD is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Ransom.AJD virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • A process created a hidden window
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to delete volume shadow copies
  • A system process is generating network traffic likely as a result of process injection
  • Installs itself for autorun at Windows startup
  • Attempts to modify proxy settings
  • Attempts to modify browser security settings
  • Creates a copy of itself
  • Harvests information related to installed mail clients
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz
a.tomx.xyz
lepodick.ru

How to identify Trojan.Ransom.AJD?


File Info:

crc32: AE36689B
md5: 6f4827f8d9fd3b8c1d6eb88d77d0ff27
name: 6F4827F8D9FD3B8C1D6EB88D77D0FF27.mlw
sha1: fe14d688fab255876be9fa520968f0c84a579e89
sha256: bcb11ce4958b7371e4c1b1fb80944026b94a0ff497cf7b95d31143658c641384
sha512: f1b1efb013b48c82d7b08047ff4e53fbedacfe6942d78268ac87e0c3138a33af0dc2b5d78e2c83b31df6b7aff3433350c21c2aeef5d19e44f3fa0f2cc1fb5f08
ssdeep: 6144:uo03uWT8/lhppzifXPChCdaag0qg1XuoZIswCNKT9pF:uo03K/pzi15qg1FdypF
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © 1996-2013 Markus F.X.J. Oberhumer
InternalName: upx.exe
FileVersion: 3.91 (2013-09-30)
CompanyName: The UPX Team http://upx.sf.net
ProductName: UPX
ProductVersion: 3.91 (2013-09-30)
FileDescription: UPX executable packer
OriginalFilename: upx.exe
Translation: 0x0409 0x04b0

Trojan.Ransom.AJD also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0055e3ef1 )
Lionic: Trojan.Win32.Androm.m!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.991
MicroWorld-eScan: Trojan.Ransom.AJD
ALYac: Trojan.Ransom.AJD
Cylance: Unsafe
Zillya: Backdoor.Androm.Win32.18414
CrowdStrike: win/malicious_confidence_80% (D)
K7GW: Trojan ( 0055e3ef1 )
Cybereason: malicious.8d9fd3
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Filecoder.TorrentLocker.A
APEX: Malicious
Avast: Sf:Crypt-IS [Trj]
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Ransom.Win32.Rack.iko
BitDefender: Trojan.Ransom.AJD
NANO-Antivirus: Trojan.Win32.Androm.dqyche
Tencent: Win32.Backdoor.Androm.Wqxc
Ad-Aware: Trojan.Ransom.AJD
Sophos: Mal/Generic-S
Comodo: Malware@#3h730shor06ar
BitDefenderTheta: Gen:NN.ZexaF.34050.su0@aOENfOgi
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: Ransom-O.a
FireEye: Generic.mg.6f4827f8d9fd3b8c
Emsisoft: Trojan.Ransom.AJD (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan/Lac.h
Webroot: W32.Polyransom
Avira: TR/Crypt.XPACK.158407
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASMalwS.104D87B
Kingsoft: Win32.Hack.Androm.gr.(kcloud)
Microsoft: Ransom:Win32/Teerac.A
Arcabit: Trojan.Ransom.AJD
SUPERAntiSpyware: Trojan.Agent/Gen-XPack
ZoneAlarm: Trojan-Ransom.Win32.Rack.iko
GData: Trojan.Ransom.AJD
TACHYON: Trojan/W32.Ransom.301568
AhnLab-V3: Trojan/Win32.Cryptolocker.C822070
Acronis: suspicious
McAfee: Ransom-O.a
MAX: malware (ai score=100)
VBA32: BScope.TrojanRansom.Rack
Panda: Trj/Ransom.BH
Rising: Trojan.Generic@ML.98 (RDML:ppSnmW+HFwjVUsnHMZF+/g)
Yandex: Trojan.GenAsa!k6c4dn7VYew
Ikarus: PUA.Multiplug
Fortinet: W32/Kryptik.DGEB!tr
AVG: Sf:Crypt-IS [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.TorrentLocker.HwoCEpsA

How to remove Trojan.Ransom.AJD?

Trojan.Ransom.AJD removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
