Trojan.Ransom.AZS removal

Trojan.Ransom.AZS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Ransom.AZS virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Icelandic
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Trojan.Ransom.AZS?


File Info:

crc32: A4744EF5
md5: 04611644abd35468d8a96aa2a097d9fd
name: 04611644ABD35468D8A96AA2A097D9FD.mlw
sha1: 69e1acd32872c90341eb3132a7dca207298d7429
sha256: 625fed714afee5b7aa3f4a001370356c96234ae82c9d887ef218d0828b598d6d
sha512: 5d2d9eec7ac4bc5f9312fea890c92408c2c8d6e185dc5352bca4e21625d8a09e0cda6160f314f73ce1694589096ebd30d70370e5a613d470a1edc6f9522adbbe
ssdeep: 24576:OYc6ScKW8o7xWLb9Uj5FelokvtD6ZCdwk:G0Mtlokvxmw
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Trojan.Ransom.AZS also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 0055e3ef1 )
Lionic: Trojan.Win32.Fsysna.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Stealer.13052
MicroWorld-eScan: Trojan.Ransom.AZS
CAT-QuickHeal: Ransom.Tescrypt.A5
ALYac: Trojan.Ransom.AZS
Cylance: Unsafe
Zillya: Trojan.Fsysna.Win32.12052
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 0055e3ef1 )
Cybereason: malicious.4abd35
Cyren: W32/Injector.CRDN-9180
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Filecoder.Shade.B
Zoner: Probably Heur.ExeHeaderH
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Ransom.AZS
NANO-Antivirus: Trojan.Win32.Stealer.evgmsw
Tencent: Malware.Win32.Gencirc.10ba9ef9
Ad-Aware: Trojan.Ransom.AZS
Sophos: ML/PE-A + Mal/Zbot-UQ
BitDefenderTheta: Gen:NN.ZexaF.34110.2qZ@aqP7V1OO
VIPRE: Trojan.Win32.Injector.cdgy (v)
TrendMicro: Ransom_CRYPSHED.F116I5
McAfee-GW-Edition: BehavesLike.Win32.Downloader.cc
FireEye: Generic.mg.04611644abd35468
Emsisoft: Trojan.Ransom.AZS (B)
Jiangmin: Backdoor.Androm.kdq
Avira: HEUR/AGEN.1126012
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: Trojan/Generic.ASMalwFH.3337A2E
Kingsoft: Win32.Infected.AutoInfector.a.(kcloud)
Microsoft: Ransom:Win32/Troldesh.A
Arcabit: Trojan.Ransom.AZS
GData: Trojan.Ransom.AZS
AhnLab-V3: Trojan/Win32.Troldesh.R187282
Acronis: suspicious
McAfee: GenericR-JTO!04611644ABD3
MAX: malware (ai score=81)
VBA32: BScope.Trojan.KillProc
Malwarebytes: Malware.AI.1193970960
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Ransom_CRYPSHED.F116I5
Rising: Trojan.Generic@ML.96 (RDML:pz4C+2A6hMzH3VhG4fEEUA)
Yandex: Trojan.GenAsa!UoPHJsRLTo0
Ikarus: Trojan.Win32.Filecoder
Fortinet: W32/Generic.AC.37EE97!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Trojan.Ransom.AZS?

Trojan.Ransom.AZS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
