How to remove “Trojan.Ransom.Builder (A)”?

Trojan.Ransom.Builder (A) is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan.Ransom.Builder (A) virus do?

  • Network activity detected but not expressed in API logs

How to identify Trojan.Ransom.Builder (A)?


File Info:

type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2018
Assembly Version: 1.0.0.0
InternalName: Petya and GoldenEye BUILDER.exe
FileVersion: 1.0.0.0
CompanyName:
LegalTrademarks:
Comments:
ProductName: Petya and GoldenEye BUILDER
ProductVersion: 1.0.0.0
FileDescription: Petya and GoldenEye BUILDER
OriginalFilename: Petya and GoldenEye BUILDER.exe

Trojan.Ransom.Builder (A) also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen7.57150
ClamAV: Win.Ransomware.Petya-6992434-0
ALYac: Trojan.MSIL.Basic.3.Gen
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
ESET-NOD32: Win32/Diskcoder.Petya.A
APEX: Malicious
Avast: MBR:Ransom-C [Trj]
Cynet: Malicious (score: 99)
Kaspersky: Trojan-Ransom.Win32.Petr.aqv
BitDefender: Trojan.MSIL.Basic.3.Gen
MicroWorld-eScan: Trojan.MSIL.Basic.3.Gen
Ad-Aware: Trojan.MSIL.Basic.3.Gen
F-Secure: Heuristic.HEUR/AGEN.1117117
BitDefenderTheta: Gen:NN.ZemsilCO.34170.qm0@aWggZ9i
FireEye: Generic.mg.a62d135cc2f16431
Emsisoft: Trojan.Ransom.Builder (A)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1117117
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Trojan.MSIL.Basic.3.Gen
GData: Trojan.MSIL.Basic.3.Gen
MAX: malware (ai score=88)
VBA32: TrojanRansom.Petr
Malwarebytes: Malware.AI.3621153645
Rising: Trojan.Generic@ML.90 (RDML:5Ke0bhifrlLr/mZmQoR5Gg)
Fortinet: MSIL/Filecoder.DED8!tr.ransom
AVG: MBR:Ransom-C [Trj]

How to remove Trojan.Ransom.Builder (A)?

Trojan.Ransom.Builder (A) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
