Ransom Trojan

Trojan-Ransom.Win32.Wanna.amir (file analysis)

Malware Removal

The Trojan-Ransom.Win32.Wanna.amir is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Trojan-Ransom.Win32.Wanna.amir virus can do?

  • Authenticode signature is invalid

How to determine Trojan-Ransom.Win32.Wanna.amir?


File Info:

name: 3A4DDA8FF8A61344396F.mlw
path: /opt/CAPEv2/storage/binaries/7b1d868da276549c62ad1e1a0910e63d2579f044695ad87b281cdf93c236bbb0
crc32: 11C92ED0
md5: 3a4dda8ff8a61344396f5649b091fb63
sha1: 08ab64f7ed2a56d27a328a30205f923a8571d593
sha256: 7b1d868da276549c62ad1e1a0910e63d2579f044695ad87b281cdf93c236bbb0
sha512: 6b00cba24c3c237bfb78af8ce825112f094c775f33717b8bd688977234e056e728b35365cc4741e153c76b7502267f3eb66f9bcee376832550dd7afe9fc07ce8
ssdeep: 48:CHQUTYHRODBAUgtwJaMLdK7ng8+hLYsvLWV8SJfnckDt6WdeVRHyrMu3LQWnXYvi:ChrAb4Q7HuLm3fnFt6WdeTyrMtk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T195950ADB78DA9E73D5CC2970EA08EB40A330963517BC8B41B7E48D3AB306B765501863
sha3_384: 78fe441922ed5d4e02b628142cfcca67b194355d2530a499ee7d4b55c9bb8e8ee91efc18eab5884ae353cac6ce7c7c95
ep_bytes: 00000000000000000000000000000000
timestamp: 2015-09-20 19:44:01

Version Info:

0: [No Data]

Trojan-Ransom.Win32.Wanna.amir also known as:

BkavW32.AIDetect.malware2
LionicTrojan.Win32.Wanna.u!c
Elasticmalicious (moderate confidence)
MalwarebytesMachineLearning/Anomalous.100%
AlibabaRansom:Win32/Wanna.5d2657e4
CrowdStrikewin/malicious_confidence_100% (W)
Paloaltogeneric.ml
KasperskyTrojan-Ransom.Win32.Wanna.amir
SUPERAntiSpywareRansom.Crypt/Variant
AvastFileRepMalware [Trj]
TencentWin32.Trojan.Wanna.Lkef
TACHYONRansom/W32.WannaCry.2061938.F
SophosMal/Generic-S
ZillyaTrojan.Wanna.Win32.1779
McAfee-GW-EditionArtemis
Trapminesuspicious.low.ml.score
APEXMalicious
KingsoftWin32.Troj.Undef.(kcloud)
MicrosoftTrojan:Win32/Ymacco.AA7B
ZoneAlarmTrojan-Ransom.Win32.Wanna.amir
CynetMalicious (score: 100)
McAfeeArtemis!3A4DDA8FF8A6
VBA32TrojanRansom.Wanna
CylanceUnsafe
RisingTrojan.Generic@AI.84 (RDML:9ffw3ra3ttezSfdi/wofkQ)
IkarusTrojan-Ransom.WannaCrypt
FortinetW32/Wanna.AMIR!tr
AVGFileRepMalware [Trj]

How to remove Trojan-Ransom.Win32.Wanna.amir?

Trojan-Ransom.Win32.Wanna.amir removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment