Trojan.Ransom.MBRLock removal

Trojan.Ransom.MBRLock is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Ransom.MBRLock virus do?

  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Likely installs a bootkit via raw harddisk modifications
  • Attempts to restart the guest VM
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself

How to identify Trojan.Ransom.MBRLock?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: 随风
FileVersion: 1.0.0.0
CompanyName: 随风
Comments: 随风
ProductName: 随风
ProductVersion: 1.0.0.0
FileDescription: 随风
Translation: 0x0804 0x04b0

Trojan.Ransom.MBRLock also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 005246d51 )
Elastic: malicious (high confidence)
DrWeb: Trojan.MBRlock.280
Cynet: Malicious (score: 100)
ALYac: Trojan.Ransom.MBRLock
Cylance: Unsafe
Zillya: Trojan.MBRlock.Win32.514
Sangfor: Win.Malware.Zusy-6840460-0
CrowdStrike: win/malicious_confidence_60% (D)
Alibaba: Ransom:Win32/Foreign.66966599
K7GW: Trojan ( 005246d51 )
Cybereason: malicious.b0e035
Cyren: W32/Agent.EW.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/MBRlock.BA
APEX: Malicious
Avast: Win32:RansomX-gen [Ransom]
ClamAV: Win.Malware.Zusy-6840460-0
Kaspersky: Trojan-Ransom.Win32.Foreign.naew
BitDefender: Gen:Variant.Ransom.MBRLock.3
NANO-Antivirus: Trojan.Win32.MBRlock.fgpjkf
MicroWorld-eScan: Gen:Variant.Ransom.MBRLock.3
Tencent: Win32.Trojan.Mbrchanger.Auto
Ad-Aware: Gen:Variant.Ransom.MBRLock.3
Sophos: Mal/Generic-S
Comodo: Worm.Win32.Dropper.RA@1qraug
BitDefenderTheta: Gen:NN.ZexaF.34670.0q0@aC!QMVbb
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom.Win32.MBRLOCKER.SM
McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
FireEye: Generic.mg.f528c69b0e035867
Emsisoft: Gen:Variant.Ransom.MBRLock.3 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Heur:Trojan/AntiAV
Avira: TR/Ransom.MBRlock.ihgqr
eGambit: Unsafe.AI_Score_99%
Antiy-AVL: GrayWare/Win32.FlyStudio.a
Microsoft: Ransom:Win32/Molock!rfn
Arcabit: Trojan.Ransom.MBRLock.3
AegisLab: Trojan.Win32.Foreign.j!c
GData: Win32.Trojan.PSE.1U8NZ9I
AhnLab-V3: Malware/Win32.Generic.C2697137
Acronis: suspicious
McAfee: GenericRXMT-HU!F528C69B0E03
MAX: malware (ai score=100)
VBA32: TrojanRansom.Foreign
Malwarebytes: Trojan.MalPack.FlyStudio
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom.Win32.MBRLOCKER.SM
Rising: Ransom.Dexcrypt!1.B151 (CLOUD)
Ikarus: Trojan.Win32.MBRlock
Fortinet: W32/MBRlock.BA!tr.ransom
AVG: Win32:RansomX-gen [Ransom]
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.Foreign.HwcBuCMA

How to remove Trojan.Ransom.MBRLock?

Trojan.Ransom.MBRLock removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
