
Trojan.Ransom.GandCrab.Gen.2 (B) removal tips

Trojan.Ransom.GandCrab.Gen.2 (B) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Ransom.GandCrab.Gen.2 (B) virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Trojan.Ransom.GandCrab.Gen.2 (B)?


File Info:

crc32: AD333FDA
md5: 67c3e4626ea1cd9d80c9510e8c66e803
name: 67c3e4626ea1cd9d80c9510e8c66e803.exe
sha1: b6858bf08b03f7e1872579844671ec57c59c990d
sha256: 091661388e4fb7b5fa372ce5b9002b347270cdf8f8247b17b6b4f4761342089e
sha512: 9dac0fc7cb9ac39528bbd326e263eea73de35cf48e90b0bed1cdac8b2776ac6c3bcda2c07297e3062b21a4a67f326756958be031545bb910e4b84f57dc745408
ssdeep: 3072:fi6ItbhTm5EJBBEDCNVuNwXiNtoU39qzNAjv2bZxglSv1OrSjfXw2ODF:fi6ItdLjcCLSNmWt2bZQSdOrSjfXw2qF
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2017, iwfnuvfun
InternalName: toalatspring.exe
FileVersion: 5.1
ProductVersion: 5.1.111.0
Translation: 0x0789 0x04b1

Trojan.Ransom.GandCrab.Gen.2 (B) also known as:

Bkav W32.AIDetectVM.malware
MicroWorld-eScan Trojan.Ransom.GandCrab.Gen.2
CAT-QuickHeal Trojan.Cloxer.A06
McAfee Trojan-FPOH!67C3E4626EA1
Cylance Unsafe
VIPRE Trojan.Win32.Generic!BT
Sangfor Malware
K7AntiVirus Trojan ( 00532e3d1 )
BitDefender Trojan.Ransom.GandCrab.Gen.2
K7GW Trojan ( 655333331 )
Cybereason malicious.26ea1c
TrendMicro Ransom_GANDCRAB.SMALY-5
F-Prot W32/Trojan3.AMJF
Symantec Packed.Generic.525
APEX Malicious
Avast Win32:Malware-gen
ClamAV Win.Dropper.Gandcrab-6535271-0
GData Trojan.Ransom.GandCrab.Gen.2
Kaspersky Exploit.Win32.CVE-2016-7255.as
Alibaba Exploit:Win32/CVE-2016-7255.0d9e2047
NANO-Antivirus Trojan.Win32.Encoder.fawrtk
ViRobot Trojan.Win32.GandCrab.Gen.A
AegisLab Hacktool.Win32.CVE-2016-7255.tpMU
Rising Exploit.CVE-2016-7255!8.E8FF (CLOUD)
Endgame malicious (high confidence)
Emsisoft Trojan.Ransom.GandCrab.Gen.2 (B)
Comodo TrojWare.Win32.Magniber.GH@7mr2pk
F-Secure Trojan.TR/Ransom.ssaxe
DrWeb Trojan.Encoder.24384
Zillya Exploit.CVE.Win32.2113
Invincea heuristic
McAfee-GW-Edition BehavesLike.Win32.Generic.dh
Trapmine malicious.high.ml.score
FireEye Generic.mg.67c3e4626ea1cd9d
Sophos Mal/Agent-AUL
Ikarus Trojan.Kryptik
Cyren W32/Trojan.RHRV-1350
Jiangmin Trojan.PSW.Coins.by
Webroot W32.Trojan.Gen
Avira TR/Ransom.ssaxe
MAX malware (ai score=100)
Antiy-AVL Trojan/Win32.SGeneric
Microsoft Trojan:Win32/Gandcrab.AF
Arcabit Trojan.Ransom.GandCrab.Gen.2
SUPERAntiSpyware Trojan.Agent/Gen-Malagent
ZoneAlarm Exploit.Win32.CVE-2016-7255.as
AhnLab-V3 Win-Trojan/Gandcrab.Exp
Acronis suspicious
BitDefenderTheta Gen:NN.ZexaF.34098.pu1@ayMPbcfi
ALYac Trojan.Ransom.GandCrab.Gen.2
TACHYON Ransom/W32.GandCrab
VBA32 BScope.Exploit.CVE-2016-7255
Malwarebytes Trojan.MalPack
Panda Trj/Genetic.gen
Zoner Trojan.Win32.68270
ESET-NOD32 Win32/Filecoder.GandCrab.B
TrendMicro-HouseCall Ransom_GANDCRAB.SMALY-5
Tencent Malware.Win32.Gencirc.10b097fa
Yandex Trojan.PWS.Coins!
SentinelOne DFI – Malicious PE
MaxSecure Ransomeware.CRAB.gen
Fortinet W32/GenKryptik.DQHN!tr
Ad-Aware Trojan.Ransom.GandCrab.Gen.2
AVG Win32:Malware-gen
Paloalto generic.ml
CrowdStrike win/malicious_confidence_100% (W)
Qihoo-360 Win32/Trojan.Exploit.162

How to remove Trojan.Ransom.GandCrab.Gen.2 (B)?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
