Ransom Trojan

Trojan-Ransom.Win32.GenericCryptor.fgq removal instruction


Trojan-Ransom.Win32.GenericCryptor.fgq is considered dangerous by many security experts. While this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.GenericCryptor.fgq virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Compression (or decompression)
  • Creates RWX memory
  • A process attempted to delay the analysis task
  • Reads data out of its own binary image
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to modify desktop wallpaper
  • Exhibits behavior characteristic of Cerber ransomware
  • Attempts to execute a binary from a dead or sinkholed URL
  • Writes a potential ransom message to disk
  • Attempts to modify proxy settings
  • Attempts to access Bitcoin/ALTCoin wallets
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify Trojan-Ransom.Win32.GenericCryptor.fgq?

File Info:

crc32: 6D17FFCA
md5: 0161b0932d18e60dcb6cb325b9d83971
name: 0161B0932D18E60DCB6CB325B9D83971.mlw
sha1: f2f57289ee3736a339658e6c44b1953b16ccf39b
sha256: 8e7276b6c855da20ecc727fff77db1586bd1ffbd91dcc19331292b6d017023fa
sha512: 4f60167ae0cb96f87b195c67b7971d673326ef298269b32e0889b99fef98ac8b84557e5af25e9fc76e5d1d83d1fe38c8a3fc26bc268141495bee43e89a73f292
ssdeep: 6144:H28A9Mmeh5PNJTEM9akV3jt95bx3nzBUq:W8LnQk9jlbRzBR
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

0: [No Data]

Trojan-Ransom.Win32.GenericCryptor.fgq also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0050885a1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.10464
Cynet: Malicious (score: 100)
ALYac: Trojan.GenericKD.4633297
Cylance: Unsafe
Zillya: Trojan.GenericKD.Win32.66620
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Injector.4222df88
K7GW: Trojan ( 0050885a1 )
Cybereason: malicious.32d18e
Cyren: W32/Cerber.LHNA-7575
ESET-NOD32: a variant of Win32/Injector.DMLC
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Ransomware.Cerber-6987220-0
Kaspersky: Trojan-Ransom.Win32.GenericCryptor.fgq
BitDefender: Trojan.GenericKD.4633297
NANO-Antivirus: Trojan.Win32.DMLC.emmdfe
MicroWorld-eScan: Trojan.GenericKD.4633297
Tencent: Win32.Trojan.Genericcryptor.Cqz
Ad-Aware: Trojan.GenericKD.4633297
Sophos: ML/PE-A + Mal/Cerber-Z
BitDefenderTheta: Gen:NN.ZedlaF.34608.cq4@aGJ!Bdk
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TROJ_GEN.R002C0PBH21
McAfee-GW-Edition: BehavesLike.Win32.ICLoader.dc
FireEye: Generic.mg.0161b0932d18e60d
Emsisoft: Trojan-Ransom.Cerber (A)
SentinelOne: Static AI - Suspicious PE
Webroot: W32.Ransom.Gen
Avira: HEUR/AGEN.1116898
eGambit: Generic.Malware
Kingsoft: Win32.Troj.Generic.v.(kcloud)
Microsoft: Ransom:Win32/Cerber!rfn
AegisLab: Trojan.Win32.GenericCryptor.j!c
GData: Trojan.GenericKD.4633297
TACHYON: Ransom/W32.Cerber.236316
AhnLab-V3: Trojan/Win32.Cerber.R196732
McAfee: Artemis!0161B0932D18
MAX: malware (ai score=81)
VBA32: Hoax.GenericCryptor
Malwarebytes: Malware.AI.3487788223
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_GEN.R002C0PBH21
Rising: Ransom.Cerber!8.3058 (CLOUD)
Yandex: Trojan.Injector!YVeOSF8MKqo
Ikarus: Trojan.Win32.Injector
Fortinet: W32/Injector.DMTB!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Generic.HyoD2nsA

How to remove Trojan-Ransom.Win32.GenericCryptor.fgq?

Trojan-Ransom.Win32.GenericCryptor.fgq removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
