
Should I remove “Trojan.Ransom.Loki.GDM”?


Trojan.Ransom.Loki.GDM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Ransom.Loki.GDM virus do?

  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Binary compilation timestomping detected

How to identify Trojan.Ransom.Loki.GDM?


File Info:

name: 7CB3611799FEE26423FF.mlw
path: /opt/CAPEv2/storage/binaries/4bbdebcfafb212d9da375a4d0a2d00e2e6f63adbc63b308b07f30a0a87c21813
crc32: 8F00A6CC
md5: 7cb3611799fee26423ffd873c5430de3
sha1: 6cf07637042971ea18f2b0b8b58d7f7da89193db
sha256: 4bbdebcfafb212d9da375a4d0a2d00e2e6f63adbc63b308b07f30a0a87c21813
sha512: aaed6922294b919e2587e415797717f5c6e96b85918fae070f1f1e667aa5adca6f0a534bb420c63a18a581545b952148515af7c1c43fb2cc7e2d0fc7b5fcc7cb
ssdeep: 98304:8t0UhsOAulGn7a4t0UhsOAulGn7alt0UhsOAulGn7a6g:gQR7ZQR7mQR7
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BC36DF042BE64F39E8368BB1CAD0EFA1977DA221D54860B654000E1B4655BFC8DDEEFD
sha3_384: f73068c4fe000a6a595556f1e9055df916b5314c3cc1ad6d5f6104870e8d70df52c47723bd437326a50977630d8f61f0
ep_bytes: ff250020400000000000000000000000
timestamp: 2098-11-23 03:30:03

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Microsoft
FileDescription: Resource Monitor
FileVersion: 1.0.0.0
InternalName: TypeInitializationExcept.exe
LegalCopyright: Copyright © 2022
LegalTrademarks:
OriginalFilename: TypeInitializationExcept.exe
ProductName: Resource Monitor
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

Trojan.Ransom.Loki.GDM is also known as:

Bkav: W32.AIDetectMalware.CS
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Ransom.Loki.GDM
FireEye: Generic.mg.7cb3611799fee264
CAT-QuickHeal: Trojan.YakbeexMSIL.ZZ4
Skyhigh: AgentTesla-FDFR!7CB3611799FE
ALYac: Trojan.Ransom.Loki.GDM
Malwarebytes: Spyware.PasswordStealer
Sangfor: Trojan.Win32.Save.a
K7GW: Trojan ( 0058ef621 )
K7AntiVirus: Trojan ( 0058ef621 )
Arcabit: Trojan.Ransom.Loki.GDM
BitDefenderTheta: Gen:NN.ZemsilF.36804.@p0@aSxapse
VirIT: Trojan.Win32.MSIL_Heur.A
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of MSIL/Kryptik.AEKB
APEX: Malicious
ClamAV: Win.Dropper.LokiBot-10023563-0
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender: Trojan.Ransom.Loki.GDM
Avast: Win32:PWSX-gen [Trj]
Tencent: Malware.Win32.Gencirc.13b57378
Emsisoft: Trojan.Agent (A)
F-Secure: Heuristic.HEUR/AGEN.1365522
DrWeb: BackDoor.SpyBotNET.25
VIPRE: Trojan.Ransom.Loki.GDM
Sophos: Troj/MSIL-SLC
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.PSW.MSIL.dtlh
Varist: W32/MSIL_Troj.BYP.gen!Eldorado
Avira: HEUR/AGEN.1365522
Antiy-AVL: Trojan[PSW]/MSIL.Agensla
Microsoft: Trojan:MSIL/AgentTesla.EKI!MTB
ZoneAlarm: HEUR:Trojan-PSW.MSIL.Agensla.gen
GData: MSIL.Trojan.BSE.112A9AZ
AhnLab-V3: Trojan/Win.FDFR.C4991753
McAfee: AgentTesla-FDFR!7CB3611799FE
Google: Detected
MAX: malware (ai score=87)
Cylance: unsafe
Rising: Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:oHgnjuFrcFqRYaMqbEwglg)
Yandex: Trojan.Kryptik!BaB3B2S1QpE
Ikarus: Trojan-Spy.AgentTesla
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/GenericKDS.61009645!tr
AVG: Win32:PWSX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Trojan.Ransom.Loki.GDM?

Trojan.Ransom.Loki.GDM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
