Trojan-Ransom.Win32.Crusis.bxm removal

Trojan-Ransom.Win32.Crusis.bxm is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.Crusis.bxm virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Attempts to delete volume shadow copies
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan-Ransom.Win32.Crusis.bxm?


File Info:

crc32: 89BBF6A5
md5: f2dfa16f7dfe090eb5fcc9138315e4a4
name: F2DFA16F7DFE090EB5FCC9138315E4A4.mlw
sha1: ae316db7be800a6616b543280dae185577f28d59
sha256: 89298d4b77bc2a8ee2e079021e8066752d41ea88f77c8a97a53dbc61c0f00635
sha512: c3567fdee851c5b477b0de567de81159a8990ad11115349a08ec343b1f75fe8c8c59b03d7b2613165f904f39838a762be484b205be699fd095542b89b33f6b55
ssdeep: 6144:WAhQQ5m6yFGKyZrSss8julWp3I3vKP4rMVrth3l1V:WAJk6yklrSH8p43FQVph3zV
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (C)IGC 2007-2015
InternalName: ClubOrange
FileVersion: 2.4.29.3
CompanyName: IGC
PrivateBuild: 2.4.29.3
LegalTrademarks: (C)IGC 2007-2015
Comments: Loves Shrdlu Sip
ProductName: ClubOrange
ProductVersion: 2.4.29.3
FileDescription: Loves Shrdlu Sip
OriginalFilename: ClubOrange
Translation: 0x0409 0x04b0

Trojan-Ransom.Win32.Crusis.bxm also known as:

K7AntiVirus: Trojan ( 00510ef71 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.3953
Cynet: Malicious (score: 100)
ALYac: Trojan.Ransom.Crysis
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.1496157
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 00510ef71 )
Symantec: Ransom.Crysis
ESET-NOD32: a variant of Win32/Kryptik.FPLO
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-Ransom.Win32.Crusis.bxm
NANO-Antivirus: Trojan.Win32.Crusis.exlvez
ViRobot: Trojan.Win32.S.Ransom.340480
Tencent: Malware.Win32.Gencirc.11491967
Sophos: Mal/Generic-S
Comodo: Malware@#1tiv43q3wa7yz
BitDefenderTheta: Gen:NN.ZexaF.34670.uq0@a0rrVmli
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_CRYSIS.CBQ
McAfee-GW-Edition: BehavesLike.Win32.Emotet.fc
FireEye: Generic.mg.f2dfa16f7dfe090e
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.Crusis.sg
Webroot: W32.Malware.Gen
Avira: TR/Crypt.XPACK.cjgqm
Microsoft: Ransom:Win32/Genasom
AegisLab: Trojan.Win32.Crusis.4!c
TACHYON: Ransom/W32.Crysis.340480
AhnLab-V3: Trojan/Win32.Ransom.C2438341
McAfee: Generic.cze
MAX: malware (ai score=99)
VBA32: TrojanRansom.Crusis
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_CRYSIS.CBQ
Rising: Trojan.Kryptik!8.8 (CLOUD)
Ikarus: Trojan.Win32.Crypt
Fortinet: W32/Generic.AC.40834F
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: HEUR/QVM20.1.9A14.Malware.Gen

How to remove Trojan-Ransom.Win32.Crusis.bxm?

Trojan-Ransom.Win32.Crusis.bxm removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
