Should I remove “Trojan-Ransom.NSIS.MyxaH.rfb”?


Trojan-Ransom.NSIS.MyxaH.rfb is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan-Ransom.NSIS.MyxaH.rfb virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (4 unique times)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Network activity contains more than one unique useragent.
  • Anomalous binary characteristics

Related domains:


How to identify Trojan-Ransom.NSIS.MyxaH.rfb?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

0: [No Data]

Trojan-Ransom.NSIS.MyxaH.rfb also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Adware ( 004cee561 )
Lionic: Trojan.NSIS.MyxaH.j!c
Elastic: malicious (high confidence)
DrWeb: Adware.Downware.16
Cynet: Malicious (score: 100)
Cylance: Unsafe
Zillya: Trojan.Bayrob.Win32.3755
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Ransom:Win32/MyxaH.06dce1ac
K7GW: Adware ( 004cee561 )
Cybereason: malicious.6ce891
Symantec: PUA.UpToDown
ESET-NOD32: a variant of Win32/UpToDown.B potentially unwanted
APEX: Malicious
Avast: FileRepMalware [PUP]
ClamAV: Win.Adware.UpToDown-1
Kaspersky: Trojan-Ransom.NSIS.MyxaH.rfb
NANO-Antivirus: Riskware.Nsis.Adw.dqgtmn
Tencent: Nsis.Trojan.Myxah.Swbl
Sophos: Generic PUA BO (PUA)
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_MyxaH.R002C0OH321
McAfee-GW-Edition: BehavesLike.Win32.PUP.gc
SentinelOne: Static AI – Malicious PE
Avira: APPL/UpToDown.Gen5
Antiy-AVL: Trojan/Generic.ASMalwNS.2B52
Microsoft: Trojan:Win32/Wacatac.B!ml
SUPERAntiSpyware: PUP.DealPly/Variant
GData: Win32.Application.UpToDown.C
McAfee: Artemis!51DD2242EF27
VBA32: TrojanRansom.Agent
Malwarebytes: PUP.Optional.BundleInstaller
TrendMicro-HouseCall: Ransom_MyxaH.R002C0OH321
Fortinet: W32/UpToDown.A
AVG: FileRepMalware [PUP]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Generic.HoMASRUA

How to remove Trojan-Ransom.NSIS.MyxaH.rfb?

Trojan-Ransom.NSIS.MyxaH.rfb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.
