Trojan-Ransom.Win32.Crypmod.abcv removal

Trojan-Ransom.Win32.Crypmod.abcv is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.Crypmod.abcv virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Enumerates running processes
  • Reads data out of its own binary image
  • Manipulates data from or to the Recycle Bin
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Steals private information from local Internet browsers
  • Creates a hidden or system file
  • Checks the CPU name from registry, possibly for anti-virtualization

How to identify Trojan-Ransom.Win32.Crypmod.abcv?


File Info:

name: 018BBBDEBBE1FE935523.mlw
path: /opt/CAPEv2/storage/binaries/f9b26a71af9007f4a28b16c096b1eb3ec74d1384c0f6fe44aa68f1a959f985f7
crc32: 1D72ADDB
md5: 018bbbdebbe1fe9355231c74d40ae83d
sha1: 79b02a40f3a55670311dcf1c7cb0b04e34413e52
sha256: f9b26a71af9007f4a28b16c096b1eb3ec74d1384c0f6fe44aa68f1a959f985f7
sha512: ab56624c52ff368bc0ea5f6923907a24516a7277c5dcfba16beca6581d8f4bff008ce3922072545971a3cae263627aac3520a722c4a9a4cbe2b2ede490e5ad72
ssdeep: 3072:vw4gnScGuDI2dcn451HUyS0Dq+vCx+tDHMzcQaKQFAlE2gBEsjf7yVhc:vz26GhhDqUCxADs4QaKQEIjfuc
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17B04025979E0CC5FDBA3823104B697BAEBF76A120200CE6707745E373D652A34E3A45A
sha3_384: e638a9a1586c5c534db7ace329f06636a701bee1d89247b5a76aa7d71201a2ad44e05a62ccb36ffba0ebf9e6d56f3980
ep_bytes: 81ec8401000053565733db6801800000
timestamp: 2016-07-25 00:55:54

Version Info:

cxvcxvbdfgsfdg: qweqwe, sadasdasd
qweqwesdsd: xzvsdfeqwr324324
xcvxcvsdf343:
bxvcbcvbsdfsdf: 1.7.2
qweqwe32:
asdvcxvasdf: ertertert
vcbdfsdg: 5.7.8
Translation: 0x0409 0x04e4

Trojan-Ransom.Win32.Crypmod.abcv also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Crypmod.j!c
Cynet: Malicious (score: 99)
ALYac: Trojan.GenericKD.31623655
Cylance: Unsafe
Zillya: Trojan.Filecoder.Win32.8825
Sangfor: Ransom.Win32.GandCrab.E
K7AntiVirus: Trojan ( 00545bf41 )
Alibaba: Trojan:Win32/Crypmod.4d7088f7
K7GW: Trojan ( 00545bf41 )
CrowdStrike: win/malicious_confidence_80% (D)
Cyren: W32/Downloader.EHKE-7751
Symantec: Trojan.Gen.MBT
ESET-NOD32: Win32/Filecoder.GandCrab.E
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Trojan.Agent-6841073-0
Kaspersky: Trojan-Ransom.Win32.Crypmod.abcv
BitDefender: Trojan.GenericKD.31623655
NANO-Antivirus: Trojan.Win32.Crypmod.fmzrrp
MicroWorld-eScan: Trojan.GenericKD.31623655
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan.Raas.Auto
Ad-Aware: Trojan.GenericKD.31623655
Sophos: Mal/Generic-L
Comodo: Malware@#171mokdz72pc4
DrWeb: Trojan.Encoder.24384
VIPRE: Win32.Malware!Drop
McAfee-GW-Edition: BehavesLike.Win32.Vopak.cc
FireEye: Generic.mg.018bbbdebbe1fe93
Emsisoft: Trojan.GenericKD.31623655 (B)
Ikarus: Trojan-Ransom.GandCrab
GData: Win32.Trojan.Agent.MQUHMR
Jiangmin: Trojan.Generic.dzave
Avira: TR/FileCoder.dzcpv
Arcabit: Trojan.Generic.D1E289E7
Microsoft: Trojan:Win32/Occamy.C!bit
AhnLab-V3: Malware/Gen.Generic.C2988820
McAfee: Generic.buk
MAX: malware (ai score=100)
VBA32: TrojanRansom.Crypmod
Rising: Trojan.Injector/NSIS!1.BFBB (CLASSIC)
Fortinet: W32/Filecoder_GandCrab.E!tr
AVG: Win32:Trojan-gen
Cybereason: malicious.ebbe1f
Panda: Trj/WLT.E
MaxSecure: Trojan.Malware.74231952.susgen

How to remove Trojan-Ransom.Win32.Crypmod.abcv?

Trojan-Ransom.Win32.Crypmod.abcv removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
