Categories: RansomTrojan

Trojan-Ransom.Win32.Wanna.amfk removal tips

The Trojan-Ransom.Win32.Wanna.amfk is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan-Ransom.Win32.Wanna.amfk virus can do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (2 unique times)
  • At least one IP Address, Domain, or File Name was found in a crypto call
  • Performs some HTTP requests
  • Attempts to modify desktop wallpaper
  • Installs itself for autorun at Windows startup
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

Related domains:

www.iuqssfsodp9ifjaposdfjhgosurijfaewrwergwea.com
www.youtube.com
ocsp.pki.goog
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
crls.pki.goog
crl.pki.goog

How to determine Trojan-Ransom.Win32.Wanna.amfk?



File Info:

crc32: 1684DA1Amd5: 1ead88d28672228d869f301ced11ab3fname: 1EAD88D28672228D869F301CED11AB3F.mlwsha1: 838fc5602797dd718e66b58b064b0253c23c367asha256: 20efbde8ff6ea8757f878df08c65c572c13c215a6e8e317952241953e65abc01sha512: 3ed4a4f6027cae903876324ee3222fa9122dd2910ffaade830bdd383d2cce92759273e68c941e3bfef8f7c0e6fdd53f3c23df88e24fb1f00cb370532bca77818ssdeep: 6144:tlQ4nUzqDsuF02Fhx+9OhAnN31aC7+Hz0BFBRo3DOofT1G4qfmlnwIWicKxi3hR:tlVnDDxF00wOKnhmUTn92FOMf2picFftype: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0LegalCopyright:  InternalName: chkp5FileVersion: 1.00CompanyName:  LegalTrademarks:  ProductName:  ProductVersion: 1.00OriginalFilename: chkp5.exe

Trojan-Ransom.Win32.Wanna.amfk also known as:

K7AntiVirus Riskware ( 0040eff71 )
Lionic Trojan.Win32.Generic.4!c
McAfee Artemis!1EAD88D28672
Malwarebytes Malware.AI.4182603066
CrowdStrike win/malicious_confidence_60% (D)
K7GW Riskware ( 0040eff71 )
Cybereason malicious.02797d
Symantec Trojan.Gen.2
ESET-NOD32 a variant of Win32/VB.OTF
APEX Malicious
Avast Win32:Malware-gen
Kaspersky Trojan-Ransom.Win32.Wanna.amfk
NANO-Antivirus Trojan.Win32.Wanna.exuszz
Tencent Win32.Trojan.Ransomware.Auto
Sophos Mal/Generic-R + Mal/VB-GI
BitDefenderTheta Gen:NN.ZevbaF.34126.On0@amUSbvbi
VIPRE Trojan.Win32.Generic!BT
McAfee-GW-Edition BehavesLike.Win32.Trojan.tz
FireEye Generic.mg.1ead88d28672228d
SentinelOne Static AI – Suspicious PE
Avira TR/Dropper.Gen5
VBA32 BScope.Trojan.Dynamer
MAX malware (ai score=99)
Panda Trj/GdSda.A
Yandex Trojan.Wanna!rqF9KQwJ1YI
Ikarus Trojan-Ransom.Wanna
Fortinet W32/VB.GI!tr
AVG Win32:Malware-gen
Paloalto generic.ml

How to remove Trojan-Ransom.Win32.Wanna.amfk?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment
Share
Published by
Paul Valéry
Tags: chkp5crl.pki.googcrls.pki.googocsp.pki.googTrojan-Ransom.Win32.Wanna.amfkwww.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.comwww.iuqssfsodp9ifjaposdfjhgosurijfaewrwergwea.comwww.youtube.com
3 years ago

Recent Posts

Application.Tool.Camerashy.A (file analysis)

The Application.Tool.Camerashy.A is considered dangerous by lots of security experts. When this infection is active,…

38 seconds ago

Malware.AI.1031170948 malicious file

The Malware.AI.1031170948 is considered dangerous by lots of security experts. When this infection is active,…

6 mins ago

About “Trojan.Win32.Agent.xboajz” infection

The Trojan.Win32.Agent.xboajz is considered dangerous by lots of security experts. When this infection is active,…

12 mins ago

Generic.Dacic.94CCEEA9.A.E735D8F9 (B) (file analysis)

The Generic.Dacic.94CCEEA9.A.E735D8F9 (B) is considered dangerous by lots of security experts. When this infection is…

22 mins ago

About “Trojan.Win32.Agent.xbnyim” infection

The Trojan.Win32.Agent.xbnyim is considered dangerous by lots of security experts. When this infection is active,…

27 mins ago

Malware.AI.4004960091 malicious file

The Malware.AI.4004960091 is considered dangerous by lots of security experts. When this infection is active,…

1 hour ago