Trojan-Ransom.Win32.Encoder.rk information

Trojan-Ransom.Win32.Encoder.rk is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.Encoder.rk virus do?

  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Reads data out of its own binary image
  • Attempts to modify desktop wallpaper
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Trojan-Ransom.Win32.Encoder.rk?


File Info:

crc32: 72A24E81
md5: f7f04bc96a4c18213fa19c7778a1608e
name: F7F04BC96A4C18213FA19C7778A1608E.mlw
sha1: b4f978bb1f10244ce36d7aed170e35f651ce253f
sha256: 48b4f658903a6e052b0649dfdb935340c5cead389a60b7b7a3a115d8e8f579d4
sha512: 0a35a9e24893ceb9fa3ba2dfbbb9a6db6fa9888a28759bd4267ca621eff13017f0177bf0cc9daebe3efe131daaf4083cd2e46e21bcb4a2e4a488fd53e8920585
ssdeep: 12288:ChkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcE4ajzzzzzzzkkMrpa:iRmJkcoQricOIQxiZY1iajzzzzzzznMo
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

CompiledScript: AutoIt v3 Script: 3, 3, 8, 1
FileVersion: 3, 3, 8, 1
FileDescription:
Translation: 0x0809 0x04b0

Trojan-Ransom.Win32.Encoder.rk also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 0050d7461 )
DrWeb: Trojan.Encoder.24597
Cynet: Malicious (score: 99)
ALYac: Generic.Ransom.Locked.767B115C
Cylance: Unsafe
Zillya: Trojan.Encoder.Win32.205
CrowdStrike: win/malicious_confidence_90% (W)
Alibaba: Ransom:Win32/Pocrimcrypt.5652a184
K7GW: Trojan ( 0050d7461 )
Cybereason: malicious.96a4c1
Cyren: W32/AutoIt.AQ2.gen!Eldorado
Symantec: Ransom.GandCrab
ESET-NOD32: a variant of Win32/Filecoder.Crypt888.B
APEX: Malicious
Avast: AutoIt:Ransom-L [Trj]
ClamAV: Win.Malware.Autoit-6992337-0
Kaspersky: Trojan-Ransom.Win32.Encoder.rk
BitDefender: Generic.Ransom.Locked.767B115C
NANO-Antivirus: Trojan.Win32.Encoder.fhyksg
MicroWorld-eScan: Generic.Ransom.Locked.767B115C
Tencent: Win32.Trojan.Encoder.Egnw
Ad-Aware: Generic.Ransom.Locked.767B115C
Sophos: Mal/Generic-S
Comodo: Malware@#1htsi03plqfdy
BitDefenderTheta: AI:Packer.E19D7A3317
TrendMicro: Ransom.AutoIt.CRYPTEIGHT.SMTH
McAfee-GW-Edition: BehavesLike.Win32.Dropper.jh
FireEye: Generic.Ransom.Locked.767B115C
Emsisoft: Generic.Ransom.Locked.767B115C (B)
Jiangmin: Trojan.Banker.Agent.cal
Avira: HEUR/AGEN.1110296
Microsoft: Trojan:Win32/Occamy.C
Arcabit: Generic.Ransom.Locked.767B115C
ZoneAlarm: Trojan-Ransom.Win32.Encoder.rk
GData: Generic.Ransom.Locked.767B115C (2x)
McAfee: Artemis!F7F04BC96A4C
MAX: malware (ai score=99)
VBA32: Trojan.Encoder
Malwarebytes: Malware.AI.3512376734
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom.AutoIt.CRYPTEIGHT.SMTH
Rising: Ransom.Crypt888/Autoit!1.C27B (CLASSIC)
Ikarus: Trojan-Ransom.Crypt888
MaxSecure: Trojan.Autoit.AZA
Fortinet: W32/Filecoder.DYB!tr
AVG: AutoIt:Ransom-L [Trj]
Paloalto: generic.ml

How to remove Trojan-Ransom.Win32.Encoder.rk?

Trojan-Ransom.Win32.Encoder.rk removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
