Ransom • Trojan

About “Trojan.Ransom.HermesKD.12613946” infection

The Trojan.Ransom.HermesKD.12613946 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan.Ransom.HermesKD.12613946 virus can do?

Possible date expiration check, exits too soon after checking local time
Network activity detected but not expressed in API logs

How to determine Trojan.Ransom.HermesKD.12613946?


File Info:
crc32: FF6EB97B
md5: a30c407f2bb35d668fe8ec6597f43862
name: A30C407F2BB35D668FE8EC6597F43862.mlw
sha1: 0d65b0b92a54be3481a9b5c4cd20e1d1f59e3f97
sha256: 574d2f84b1e031b8d69a20915e88c367a1ee7e79549e97992046c0d8081ac0db
sha512: c56cc55009b2060b236ed4b153084c938cf87540bdf421af5942433967e9ebc26db9cbe5051e38aabc7abc97222f001060a17b071eea3b2bcbb1fe535744ff4e
ssdeep: 1536:FdS4cSRJo3LYNWP0L3cEkYq6v35UOH88ev/8PO:FI2ALjODlq45UsGUPO
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2016
InternalName: Yellow
FileVersion: 3.5.7.3
CompanyName: Tor Software
ProductName: California
ProductVersion: 1.8.7.7
FileDescription: Esoo
OriginalFilename: Promo
Translation: 0x0409 0x04b0

Trojan.Ransom.HermesKD.12613946 also known as:

K7AntiVirus	Trojan ( 0050b3ab1 )
Lionic	Trojan.Win32.Generic.4!c
DrWeb	Trojan.Encoder.10700
ALYac	Trojan.Ransom.Hermes
Malwarebytes	Malware.AI.2987458909
Sangfor	Ransom.Win32.Hermez.i
CrowdStrike	win/malicious_confidence_60% (W)
K7GW	Trojan ( 0050b3ab1 )
Cybereason	malicious.f2bb35
Symantec	Ransom.KeyBTC
ESET-NOD32	a variant of Win32/Filecoder.Hermes.A
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	Trojan-Ransom.Win32.Hermez.i
BitDefender	Trojan.Ransom.HermesKD.12613946
NANO-Antivirus	Virus.Win32.Gen.ccmw
MicroWorld-eScan	Trojan.Ransom.HermesKD.12613946
Tencent	Win32.Trojan.Hermez.Liqe
Ad-Aware	Trojan.Ransom.HermesKD.12613946
Sophos	Mal/Generic-S
BitDefenderTheta	Gen:NN.ZexaE.34790.fu0@aO1y4Kmi
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom_HERMES.SM
McAfee-GW-Edition	BehavesLike.Win32.Generic.mh
FireEye	Generic.mg.a30c407f2bb35d66
Emsisoft	Trojan.FileCoder (A)
Jiangmin	Trojan.Hermez.f
Antiy-AVL	Trojan/Generic.ASMalwS.22BC542
Microsoft	Trojan:Win32/Tiggre!rfn
GData	Trojan.Ransom.HermesKD.12613946
AhnLab-V3	Win-Trojan/Gandcrab08.Exp
McAfee	Artemis!A30C407F2BB3
VBA32	TrojanRansom.Hermez
Panda	Trj/GdSda.A
TrendMicro-HouseCall	Ransom_HERMES.SM
Rising	Ransom.Hermes!1.B651 (CLASSIC)
Yandex	Trojan.Hermez!xRC8199g64c
Ikarus	Trojan-Ransom.FileCrypter
Fortinet	W32/Filecoder_Hermes.A!tr
AVG	Win32:Malware-gen
Qihoo-360	Win32/Ransom.Hermes.HgAASRIA

How to remove Trojan.Ransom.HermesKD.12613946?

Trojan.Ransom.HermesKD.12613946 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X