Trojan-Ransom.Win32.Blocker.fgsy removal

Many security experts consider Trojan-Ransom.Win32.Blocker.fgsy dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.Blocker.fgsy virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes executed files from disk

How to identify Trojan-Ransom.Win32.Blocker.fgsy?

File Info:

name: 8E31384EF27408FE0A7E.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-06-14 19:11:00

Version Info:

0: [No Data]

Trojan-Ransom.Win32.Blocker.fgsy also known as:

Lionic: Trojan.Win32.Blocker.j!c
FireEye: Generic.mg.8e31384ef27408fe
McAfee: Artemis!8E31384EF274
Cylance: Unsafe
Sangfor: Ransom.Win32.Blocker.8
K7GW: Riskware ( 0040eff71 )
K7AntiVirus: Riskware ( 0040eff71 )
APEX: Malicious
Kaspersky: Trojan-Ransom.Win32.Blocker.fgsy
Avast: Win32:Malware-gen
Tencent: Win32.Trojan.Blocker.Ecaj
McAfee-GW-Edition: Artemis!Trojan
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Program:Win32/Wacapew.C!ml
ZoneAlarm: Trojan-Ransom.Win32.Blocker.fgsy
VBA32: Trojan.MulDrop
AVG: Win32:Malware-gen
Panda: Trj/Genetic.gen

How to remove Trojan-Ransom.Win32.Blocker.fgsy?

Trojan-Ransom.Win32.Blocker.fgsy removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
