Ransom • Trojan

Trojan-Ransom.Win32.Cryrar.hef (file analysis)

The Trojan-Ransom.Win32.Cryrar.hef is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Ransom.Win32.Cryrar.hef virus can do?

Creates a hidden or system file
Anomalous binary characteristics

How to determine Trojan-Ransom.Win32.Cryrar.hef?


File Info:
crc32: 3EB64A7C
md5: 7db80598b130c346ff592779f1a24f31
name: 7DB80598B130C346FF592779F1A24F31.mlw
sha1: 13b0d4e09cb70fcfc573949c87dc75e811b89d10
sha256: 90541634866b1ba30100f02d3cbb15c7b72b43a6660dd71cb9956c6e3dc1b44c
sha512: 7950ac0903722fae296a56a422f8a09eaf4f348b316533c71cdbf69e3cfa2c80be886a5553571325fc7c85161a39c355c3c0d1100a44ef839c14477262cebf4d
ssdeep: 3072:j6fCkz/ObqPoHs4jETVh1f8NBTbujbmal/stmEc++lM0Jwn0zw6:GfqhlYJ4rbE3/stmV++n
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Trojan-Ransom.Win32.Cryrar.hef also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 005324731 )
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
ALYac	Gen:Heur.Ransom.ACCDFISA.2
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_80% (D)
Alibaba	Ransom:Win32/Cryrar.df8d46b2
K7GW	Trojan ( 005324731 )
Cybereason	malicious.8b130c
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Filecoder.ACCDFISA.A
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	Trojan-Ransom.Win32.Cryrar.hef
BitDefender	Gen:Heur.Ransom.ACCDFISA.2
NANO-Antivirus	Trojan.Win32.Filecoder.ffxdgr
MicroWorld-eScan	Gen:Heur.Ransom.ACCDFISA.2
Tencent	Win32.Trojan.Cryrar.Alsy
Ad-Aware	Gen:Heur.Ransom.ACCDFISA.2
Sophos	Mal/Generic-R + Troj/Ransom-EZP
Comodo	Malware@#24phh1gv6yms8
BitDefenderTheta	Gen:NN.ZexaF.34678.oqW@aCGUv1c
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom.Win32.ACCDFISA.SMTH
McAfee-GW-Edition	BehavesLike.Win32.Dropper.dh
FireEye	Generic.mg.7db80598b130c346
Emsisoft	Gen:Heur.Ransom.ACCDFISA.2 (B)
SentinelOne	Static AI – Suspicious PE
Jiangmin	Trojan.Cryrar.cw
Avira	HEUR/AGEN.1112622
Microsoft	Trojan:Win32/Dynamer!rfn
GData	Win32.Trojan-Ransom.Accdfisa.A
AhnLab-V3	Malware/Win32.Generic.C2638464
McAfee	Trojan-FONN!7DB80598B130
MAX	malware (ai score=100)
VBA32	TrojanRansom.Cryrar
Malwarebytes	Malware.AI.2919163905
Panda	Trj/CI.A
TrendMicro-HouseCall	Ransom.Win32.ACCDFISA.SMTH
Rising	Ransom.Cryrar!8.4549 (CLOUD)
Yandex	Trojan.GenAsa!6C4m/wLshLM
Ikarus	Trojan-Ransom.Accdfisa
Fortinet	W32/Injector.ACCDFISA!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win32/Ransom.Generic.HwUBEpsA

How to remove Trojan-Ransom.Win32.Cryrar.hef?

Trojan-Ransom.Win32.Cryrar.hef removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X