Categories: RansomTrojan

What is “Trojan-Ransom.Win32.Blocker.zdzy”?

The Trojan-Ransom.Win32.Blocker.zdzy is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan-Ransom.Win32.Blocker.zdzy virus can do?

Sample contains Overlay data
Reads data out of its own binary image
CAPE extracted potentially suspicious content
The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Exhibits possible ransomware file modification behavior
Anomalous binary characteristics

How to determine Trojan-Ransom.Win32.Blocker.zdzy?


File Info:
name: 0E26096738E8F03EFBE7.mlwpath: /opt/CAPEv2/storage/binaries/2c0bb9af19e62bf3e66496982d0a36eb955d58e35433434a0cc7847ff8059935crc32: 6C779774md5: 0e26096738e8f03efbe7ced39e62344bsha1: 9a8a4cc93c02e932a9ded00ed395772eb856c23bsha256: 2c0bb9af19e62bf3e66496982d0a36eb955d58e35433434a0cc7847ff8059935sha512: 2c3ccc8b782b123cc40af41b9fc6be26f08693312cf382292434e624dd4dfb8d824a7dbf2f88255ceb1c1bc8ea0048cb19c73ed52c2013db9b123fdb958d82fbssdeep: 24576:Azg6yzm+LftsKrzh0SrMFTwxjQh6s0tKy5qUWUJWSEuEYimB+:AM6yi+LVsSM2xjQubsbU4SEyB+type: PE32+ executable (GUI) x86-64, for MS Windowstlsh: T1A145BF07B25410FAD06EC674CB675122EE71F8870A74B69F12A463213E76FB15F2EB18sha3_384: 89d095b2fbb746229a3b1a892c014f273a1e72ad907b38fad8c8d9fdc9960f62dfbf7759aadfbd1ee505c6ad28f42a5eep_bytes: e848feffffc82000004c897c24f84883timestamp: 2019-03-16 12:31:22
Version Info:
CompanyName: Simon TathamProductName: PuTTY suiteFileDescription: SSH, Telnet and Rlogin clientInternalName: PuTTYOriginalFilename: PuTTYFileVersion: Release 0.71 (with embedded help)ProductVersion: Release 0.71LegalCopyright: Copyright © 1997-2019 Simon Tatham.Translation: 0x0809 0x04b0

Trojan-Ransom.Win32.Blocker.zdzy also known as:

Lionic	Trojan.Win32.Crypmodng.tsaK
MicroWorld-eScan	Gen:Variant.Razy.493881
ALYac	Gen:Variant.Razy.493881
Cylance	Unsafe
VIPRE	Gen:Variant.Razy.493881
Sangfor	Ransom.Win64.Blocker.Vrk7
K7AntiVirus	Trojan ( 0059aa0b1 )
Alibaba	Ransom:Win64/Blocker.bebccee1
K7GW	Trojan ( 0059aa0b1 )
Cybereason	malicious.738e8f
Cyren	W64/Ipamor.A
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	Win64/Filecoder.GG
APEX	Malicious
Kaspersky	Trojan-Ransom.Win32.Blocker.zdzy
BitDefender	Gen:Variant.Razy.493881
Avast	Win64:Trojan-gen
Tencent	Win32.Trojan.Blocker.Twhl
Ad-Aware	Gen:Variant.Razy.493881
Sophos	Troj/Azov-A
DrWeb	Win32.HLLP.Azov.2
TrendMicro	Ransom.Win64.AZVO.SMYXCJ5
McAfee-GW-Edition	BehavesLike.Win64.Dropper.tc
FireEye	Generic.mg.0e26096738e8f03e
Emsisoft	Gen:Variant.Razy.493881 (B)
GData	Gen:Variant.Razy.493881
Jiangmin	Trojan.Blocker.urx
MAX	malware (ai score=87)
Antiy-AVL	GrayWare/Win32.Filecoder.gg
Gridinsoft	Ransom.Win64.Blocker.sa
Arcabit	Trojan.Razy.D78939
ZoneAlarm	Trojan-Ransom.Win32.Blocker.zdzy
Microsoft	Ransom:Win64/AzovCrypt.PA!MTB
Google	Detected
AhnLab-V3	Trojan/Win.Generic.R533581
McAfee	Artemis!0E26096738E8
Malwarebytes	Ransom.FileCryptor
Rising	Ransom.Agent!8.6B7 (TFE:2:U9tOTBNOHOO)
Ikarus	Trojan-Ransom.FileCrypter
MaxSecure	Trojan.Malware.121218.susgen
Fortinet	W64/Filecoder.GG!tr
AVG	Win64:Trojan-gen
Panda	Trj/CI.A
CrowdStrike	win/malicious_confidence_100% (W)