What is “Trojan-Ransom.Win32.Zerber.fzku”?

Trojan-Ransom.Win32.Zerber.fzku is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period. A 6-day free trial is available.

What can the Trojan-Ransom.Win32.Zerber.fzku virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Attempts to modify desktop wallpaper
  • Exhibits behavior characteristic of Cerber ransomware
  • Attempts to execute a binary from a dead or sinkholed URL
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Attempts to access Bitcoin/ALTCoin wallets
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify Trojan-Ransom.Win32.Zerber.fzku?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Trojan-Ransom.Win32.Zerber.fzku also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.10390
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Exxroute.A3
ALYac: Gen:Heur.Ransom.Cerber.2
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.1292592
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/generic.ali2000010
K7GW: Trojan ( 00507a3f1 )
K7AntiVirus: Trojan ( 0050d3751 )
Cyren: W32/S-93f70758!Eldorado
Symantec: Packed.Generic.493
ESET-NOD32: a variant of Win32/Kryptik.FPGU
APEX: Malicious
Avast: Win32:Filecoder-AY [Trj]
ClamAV: Win.Ransomware.Cerber-7406391-0
Kaspersky: Trojan-Ransom.Win32.Zerber.fzku
BitDefender: Gen:Heur.Ransom.Cerber.2
NANO-Antivirus: Trojan.Win32.Kryptik.emftnq
MicroWorld-eScan: Gen:Heur.Ransom.Cerber.2
Tencent: Malware.Win32.Gencirc.10b4988e
Ad-Aware: Gen:Heur.Ransom.Cerber.2
Sophos: ML/PE-A + Mal/Elenoocka-E
Comodo: TrojWare.Win32.Crypt.C@7vajd0
F-Secure: Heuristic.HEUR/AGEN.1116787
BitDefenderTheta: Gen:NN.ZexaF.34608.qmX@aO2Hi7pi
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_CERBER.SM37
McAfee-GW-Edition: BehavesLike.Win32.Ransomware.dc
FireEye: Generic.mg.05e86d0160c54245
Emsisoft: Gen:Heur.Ransom.Cerber.2 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Zerber.ayf
Webroot: W32.Trojan.Gen
Avira: HEUR/AGEN.1116787
eGambit: Unsafe.AI_Score_94%
Antiy-AVL: Trojan[Ransom]/Win32.Zerber
Microsoft: Ransom:Win32/Cerber
Arcabit: Trojan.Ransom.Cerber.2
AegisLab: Trojan.Win32.Zerber.j!c
ZoneAlarm: Trojan-Ransom.Win32.Zerber.fzku
GData: Gen:Heur.Ransom.Cerber.2
AhnLab-V3: Trojan/Win32.Cerber.C1831438
Acronis: suspicious
McAfee: Ransomware-FMJ!05E86D0160C5
MAX: malware (ai score=88)
VBA32: BScope.TrojanPSW.Papras
Malwarebytes: Cerber.Ransom.Encrypt.DDS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Ransom_CERBER.SM37
Rising: Trojan.Kryptik!1.AF6C (CLASSIC)
Yandex: Trojan.GenAsa!qszwImXd9js
Ikarus: Trojan-Ransom.Cerber
Fortinet: W32/Tofsee.BJ!tr
AVG: Win32:Filecoder-AY [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Cerber.HxMBFZsA

How to remove Trojan-Ransom.Win32.Zerber.fzku?

Trojan-Ransom.Win32.Zerber.fzku removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
