Ransom • Trojan

Should I remove “Trojan-Ransom.Win32.Encoder.mbz”?

The Trojan-Ransom.Win32.Encoder.mbz is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan-Ransom.Win32.Encoder.mbz virus can do?

Attempts to repeatedly call a single API many times in order to delay analysis time
Anomalous binary characteristics

How to determine Trojan-Ransom.Win32.Encoder.mbz?


File Info:
crc32: BFAA5AD9
md5: 7b23de8fb6a3b48a07d92f34974b03a7
name: 7B23DE8FB6A3B48A07D92F34974B03A7.mlw
sha1: ca48f363025931ec09b62362a072a35c28de4f96
sha256: 13fa3631fc2bf22921ac77b9f5a0ca61e30986c62ae2b87dfb277e58d20632ce
sha512: d8a5c32c63fd8c7ad556c65d9210621e927e667a2834cbd05355a4089bbca6cb5dc459d1eb5d320835f808913a0c00347a8287dc55803facb37a6830c0b910d3
ssdeep: 1536:B7fbN3eEDhDPA/pICdUkbBtW7upvaLU0bI5taxKo0IOlnToIfwwvoO:17DhdC6kzWypvaQ0FxyNTBfwu
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:
LegalCopyright: (C) Alex Cuglea 2021. All rights reserved.
InternalName: FlyeyeAntivirus.exe
FileVersion: 1.0.0.0
CompanyName: Alex Cuglea
ProductName: FlyeyeTM Antivirus
ProductVersion: 1.0.0.0
FileDescription: Flyeye Antivirus Installer 1.0.0.0
OriginalFilename: FlyeyeAntivirus.exe
Translation: 0x0409 0x04b0

Trojan-Ransom.Win32.Encoder.mbz also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 0052419b1 )
Cynet	Malicious (score: 100)
McAfee	RDN/Ransom
Sangfor	Riskware.Win32.Wacapew.C
CrowdStrike	win/malicious_confidence_60% (W)
Alibaba	Trojan:Win32/Generic.32d36430
K7GW	Trojan ( 0052419b1 )
Cybereason	malicious.302593
Cyren	W32/Trojan.KGNM-4247
Symantec	ML.Attribute.HighConfidence
Avast	Win32:Malware-gen
Kaspersky	Trojan-Ransom.Win32.Encoder.mbz
BitDefender	Trojan.GenericKD.46104065
MicroWorld-eScan	Trojan.GenericKD.46104065
Ad-Aware	Trojan.GenericKD.46104065
Sophos	Mal/Generic-S
BitDefenderTheta	Gen:NN.ZexaF.34678.fu0@a4pfmLmi
McAfee-GW-Edition	BehavesLike.Win32.Dropper.nh
FireEye	Generic.mg.7b23de8fb6a3b48a
Emsisoft	Trojan.GenericKD.46104065 (B)
Antiy-AVL	Trojan/Win32.Occamy
Microsoft	Trojan:Win32/Wacatac.A!ml
Arcabit	Trojan.Generic.D2BF7E01
AegisLab	Trojan.Win32.Encoder.trrL
ZoneAlarm	Trojan-Ransom.Win32.Encoder.mbz
GData	Trojan.GenericKD.46104065
TACHYON	Trojan/W32.Agent.92672.AGA
MAX	malware (ai score=88)
Malwarebytes	Malware.Heuristic.1008
Rising	Ransom.Encoder!8.FFD4 (CLOUD)
Fortinet	W32/Encoder.MBZ!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
Qihoo-360	Win32/Ransom.Encoder.HwUBqbcA

How to remove Trojan-Ransom.Win32.Encoder.mbz?

Trojan-Ransom.Win32.Encoder.mbz removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X