Ransom • Trojan

What is “Trojan-Ransom.Win32.Cryptor.emb”?

The Trojan-Ransom.Win32.Cryptor.emb is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Ransom.Win32.Cryptor.emb virus can do?

The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine Trojan-Ransom.Win32.Cryptor.emb?


File Info:
crc32: 65E93BA5
md5: b45784369329647e6df08bde3bc7ec4a
name: B45784369329647E6DF08BDE3BC7EC4A.mlw
sha1: aca15b8406c0e16c9a6d7fd8e3483abbd8628ddd
sha256: d5b99f97dd32fbbc3ec57fc1ad91019def440f69cd24ad53eb1dbe04f4020f10
sha512: 8cb581b50ed10c372e37a2707922350c997c63ec0414fce73e06617ba6fce37bd3d2cdf1a26987f09c5a3346075471bbcc0fb61dc7d907d0da0bb3aa5976526c
ssdeep: 384:wxiNh2laraKqlJ7DSMaC/iE+yvJeGicN3twrWFeQYQq3URIaZXY:wxeQbHKE+yvsJy3h4QHq3baN
type: PE32+ executable (GUI) x86-64, for MS Windows

Version Info:
0: [No Data]

Trojan-Ransom.Win32.Cryptor.emb also known as:

Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Cerbu.105049
Cylance	Unsafe
CrowdStrike	win/malicious_confidence_100% (W)
K7GW	Trojan ( 0057e53f1 )
Cybereason	malicious.406c0e
Symantec	Trojan.Gen.2
ESET-NOD32	a variant of Win64/Injector.FM
APEX	Malicious
Avast	FileRepMalware
Kaspersky	Trojan-Ransom.Win32.Cryptor.emb
BitDefender	Gen:Variant.Cerbu.105049
MicroWorld-eScan	Gen:Variant.Cerbu.105049
Ad-Aware	Gen:Variant.Cerbu.105049
F-Secure	Trojan.TR/AD.ContiRansom.vmdsk
VIPRE	Trojan.Win32.Generic!BT
McAfee-GW-Edition	BehavesLike.Win64.Ardurk.mc
FireEye	Generic.mg.b45784369329647e
Emsisoft	Gen:Variant.Cerbu.105049 (B)
Avira	TR/AD.ContiRansom.vmdsk
Microsoft	Trojan:Win32/Wacatac.B!ml
Arcabit	Trojan.Cerbu.D19A59
ZoneAlarm	Trojan-Ransom.Win32.Cryptor.emb
GData	Gen:Variant.Cerbu.105049
McAfee	Artemis!B45784369329
MAX	malware (ai score=84)
Malwarebytes	Ransom.FileLocker
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W64/Kryptik.FM!tr
AVG	FileRepMalware

How to remove Trojan-Ransom.Win32.Cryptor.emb?

Trojan-Ransom.Win32.Cryptor.emb removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X