
Should I remove “Trojan-Ransom.Win32.Zerber.fepz”?


Trojan-Ransom.Win32.Zerber.fepz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan-Ransom.Win32.Zerber.fepz virus do?

  • Executable code extraction
  • Compression (or decompression)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • Creates an excessive number of UDP connection attempts to external IP addresses
  • Uses Windows utilities for basic functionality
  • Attempts to delete volume shadow copies
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Exhibits behavior characteristic of Cerber ransomware
  • EternalBlue behavior
  • Generates some ICMP traffic
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify Trojan-Ransom.Win32.Zerber.fepz?


File Info:

crc32: 7A9C2CE2
md5: ab45bbc4549311c1abfccadf85ede481
name: AB45BBC4549311C1ABFCCADF85EDE481.mlw
sha1: 0b199939c9b941c7df81cf367c5832d2e1282e5c
sha256: b29d1f4e2a52b33aaeca517cb16d2122fb250629794c997d36d0c2a758b4586d
sha512: bd41da1d3b29e6f03c8a935522ad878f089c285f6ed0fc3c893f8c6a7bd8db3ea8d47dd194373487fb1f75d50310141154ddf6f31558a58bebf28e01ea074bec
ssdeep: 6144:FfgFQoFekimXAlpilsVNPj3rxe1FBuOovOWiHx5:9toqmXA+lsVpj3oT4O+Dex5
type: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive

Version Info:

LegalCopyright: PortableApps.com and contributors
InternalName: Mozilla Firefox, Portable Edition
FileVersion: 2.0.0.4
CompanyName: PortableApps.com
LegalTrademarks: PortableApps.com is a Trademark of Rare Ideas, LLC.
Comments: For additional details, visit PortableApps.com
ProductName: Mozilla Firefox, Portable Edition
ProductVersion: 2.0.0.4
FileDescription: Mozilla Firefox, Portable Edition
OriginalFilename: Firefox_Portable_lv2Uc1xf_2.0.0.4_en-us.paf.exe
Translation: 0x0409 0x04b0

Trojan-Ransom.Win32.Zerber.fepz also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 004e16c11 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.4691
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Cerber.B
ALYac: Trojan.GenericKD.3754009
Cylance: Unsafe
Zillya: Trojan.Filecoder.Win32.6278
Sangfor: Ransom.Win32.Zerber.fepz
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 004e16c11 )
Cybereason: malicious.454931
Symantec: Packed.NSISPacker!g2
ESET-NOD32: Win32/Filecoder.Cerber.B
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: Trojan-Ransom.Win32.Zerber.fepz
BitDefender: Trojan.GenericKD.3754009
NANO-Antivirus: Trojan.Nsis.Zerber.ejabtc
SUPERAntiSpyware: Ransom.Cerber/Variant
MicroWorld-eScan: Trojan.GenericKD.3754009
Tencent: Win32.Trojan.Inject.Auto
Ad-Aware: Trojan.GenericKD.3754009
Sophos: Mal/Generic-S
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_CERBERENC.SMNSX
McAfee-GW-Edition: BehavesLike.Win32.Sality.dc
FireEye: Generic.mg.ab45bbc4549311c1
Emsisoft: Trojan-Ransom.Cerber (A)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1102533
Microsoft: Ransom:Win32/Cerber.F
AegisLab: Trojan.Win32.Generic.4!c
GData: Trojan.GenericKD.3754009
AhnLab-V3: Trojan/Win32.Cerber.R190983
McAfee: Artemis!AB45BBC45493
MAX: malware (ai score=100)
VBA32: Trojan-Ransom.Zerber
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_CERBERENC.SMNSX
Fortinet: W32/Injector.LC!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Cerber.HyoDXgcA

How to remove Trojan-Ransom.Win32.Zerber.fepz?

Trojan-Ransom.Win32.Zerber.fepz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
