Trojan-Ransom.Win32.Gen.abam (file analysis)

Many security experts consider Trojan-Ransom.Win32.Gen.abam dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.Gen.abam virus do?

  • Expresses interest in specific running processes
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data
  • Uses Windows utilities for basic functionality
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Trojan-Ransom.Win32.Gen.abam?


File Info:

crc32: E96B8163
md5: d7c1bf6df0fa7c47651c3933bb553421
name: D7C1BF6DF0FA7C47651C3933BB553421.mlw
sha1: 7e1b4251cc44e0aaed5956597b2edb248ff0bbb5
sha256: f2682f7c3d3a0ba9e3587bcd7700ed5764af77aa4ff22f6d7903e9386b4d1b86
sha512: 6f6a575c4a87c9e3d247fc9d018e72bc230edef20d359cd9579368dc5869ad3425b746f4bec66caaa640731780ae16c2f9a346c93416ec28f9ff70cd678b80de
ssdeep: 49152:Kh+ZkldoPK8Yac6gpaNjJdy5W9L/Hw+htdUqP:D2cPK8W3AIW9LI+hvUq
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: by Unify Software and Solutions GmbH & Co. KG
FileVersion: 4.0.3.0
CompanyName: Unify Software and Solutions GmbH & Co. KG
Comments: 4.0.3.0
ProductName: OpenScape Accounting
ProductVersion: 4.0.3.0
FileDescription: Unify Software and Solutions GmbH & Co. KG
Translation: 0x0407 0x04b0

Trojan-Ransom.Win32.Gen.abam also known as:

Bkav: W32.AIDetect.malware2
Cylance: Unsafe
Alibaba: Ransom:Win32/DelFile.43f5dc89
Cyren: W32/AutoIt.KF.gen!Eldorado
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 99)
Kaspersky: Trojan-Ransom.Win32.Gen.abam
Sophos: Generic PUA HO (PUA)
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.TrojanAitInject.tc
Avira: TR/DelFile.wibtq
eGambit: Unsafe.AI_Score_98%
AhnLab-V3: Malware/Win.Foxiebro.C4471672
McAfee: Artemis!D7C1BF6DF0FA
Malwarebytes: MachineLearning/Anomalous.100%
Ikarus: Trojan.DelFile
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: Malicious_Behavior.SB
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Trojan-Ransom.Win32.Gen.abam?

Trojan-Ransom.Win32.Gen.abam removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
