Trojan-Ransom.Win32.Blocker.ikgf malicious file

Trojan-Ransom.Win32.Blocker.ikgf is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.Blocker.ikgf virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Trojan-Ransom.Win32.Blocker.ikgf?

File Info:

name: D9670536D0E1C3B60B0B.mlw
path: /opt/CAPEv2/storage/binaries/57a9caa6ea8553b23c9d2e5bf45c0574835b8b846c50d23c409c132e9e871626
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2007-08-20 19:10:10

Version Info:

CompanyName: An Software Lab.
FileVersion: 1.6.5
FileDescription: Mini Windows portable Antivirus
InternalName: ANSAV
LegalCopyright: Copyright © 2006-2007, An Software Lab.
OriginalFilename: ANSAV32.EXE
ProductName: ANSAV (An's Antivirus)
ProductVersion: 1.6.5
Author: 4NV|e
Home: http://www.ansav.com
Contact: e-mail: anvie_2194@yahoo.com anvie@ansav.com
Translation: 0x0409 0x04b0

Trojan-Ransom.Win32.Blocker.ikgf also known as:

Bkav: W32.AIDetectMalware
tehtris: Generic.Malware
Cylance: unsafe
Zillya: Trojan.Blocker.Win32.48415
Alibaba: Ransom:Win32/Blocker.ac876dfe
CrowdStrike: win/malicious_confidence_70% (D)
Elastic: malicious (high confidence)
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Ransom.Win32.Blocker.ikgf
McAfee-GW-Edition: BehavesLike.Win32.Trojan.cc
SentinelOne: Static AI – Suspicious PE
Webroot: W32.Rogue.Gen
Antiy-AVL: Trojan[Ransom]/Win32.Blocker
Microsoft: Program:Win32/Wacapew.C!ml
ZoneAlarm: Trojan-Ransom.Win32.Blocker.ikgf
McAfee: Artemis!D9670536D0E1
VBA32: BScope.Trojan.Malex
Rising: Ransom.Blocker!8.12A (CLOUD)
MaxSecure: Trojan.Malware.74548823.susgen
DeepInstinct: MALICIOUS

How to remove Trojan-Ransom.Win32.Blocker.ikgf?

Trojan-Ransom.Win32.Blocker.ikgf removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
