Trojan-Ransom.Win32.Crypren.aixb removal

Trojan-Ransom.Win32.Crypren.aixb is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.Crypren.aixb virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Performs HTTP requests potentially not found in PCAP.
  • CAPE extracted potentially suspicious content
  • Unconventionial language used in binary resources: Georgian
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Trojan-Ransom.Win32.Crypren.aixb?


File Info:

name: 1820F0E54B8A56931823.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2022-02-05 02:17:30

Version Info:

FileVersions: 9.1.2.1
Copyright: Copyright (C) 2022, somoklos
ProjectVersion: 74.15.66.25

Trojan-Ransom.Win32.Crypren.aixb also known as:

Bkav: W32.AIDetect.malware1
Lionic: Heuristic.File.Generic.00x1!p
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.GenericKDZ.91586
ClamAV: Win.Malware.Azorult-9949206-0
CAT-QuickHeal: Ransom.Stopcrypt
ALYac: Trojan.GenericKDZ.91586
Malwarebytes: Trojan.MalPack.GS
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/StopCrypt.9fe3efe7
K7GW: Riskware ( 00584baa1 )
K7AntiVirus: Riskware ( 00584baa1 )
Cyren: W32/Kryptik.HLI.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HQQL
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Ransom.Win32.Crypren.aixb
BitDefender: Trojan.GenericKDZ.91586
NANO-Antivirus: Trojan.Win32.Crypren.jspuqb
Avast: Win32:PWSX-gen [Trj]
Tencent: Win32.Trojan.Crypren.Vwhl
Ad-Aware: Trojan.GenericKDZ.91586
Emsisoft: Trojan.GenericKDZ.91586 (B)
VIPRE: Trojan.GenericKDZ.91586
TrendMicro: Ransom_StopCrypt.R03BC0DIO22
McAfee-GW-Edition: Packed-GDV!1820F0E54B8A
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.1820f0e54b8a5693
Sophos: ML/PE-A + Troj/Krypt-PX
Ikarus: Trojan-Ransom.StopCrypt
GData: Win32.Trojan.PSE.137K04I
Avira: TR/Crypt.Agent.mpwzv
MAX: malware (ai score=86)
Arcabit: Trojan.Generic.D165C2
Microsoft: Ransom:Win32/StopCrypt.SA!MTB
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R513546
McAfee: Packed-GDV!1820F0E54B8A
VBA32: BScope.TrojanDownloader.Smoke
Cylance: Unsafe
TrendMicro-HouseCall: Ransom_StopCrypt.R03BC0DIO22
Rising: Backdoor.Convagent!8.123DC (TFE:5:Bk8OWaLf6wT)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Packed.GDT!tr
AVG: Win32:PWSX-gen [Trj]
Cybereason: malicious.4ec01d
Panda: Trj/Genetic.gen

How to remove Trojan-Ransom.Win32.Crypren.aixb?

Trojan-Ransom.Win32.Crypren.aixb removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
