Ransom Trojan

What is “Trojan.Ransom.WLock (A)”?

Malware Removal

The Trojan.Ransom.WLock (A) is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
DOWNLOAD NOW
6-day free trial available.

What Trojan.Ransom.WLock (A) virus can do?

  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to determine Trojan.Ransom.WLock (A)?



File Info:

crc32: 1C4ED7F2
md5: 6395b7400aa9813637da8c54f41b6244
name: 6395B7400AA9813637DA8C54F41B6244.mlw
sha1: 4a17088603c62632fea9b9c5694130841cf30c16
sha256: 9f37f0b6d8b3f2ef124c885e9e4fb856e720c9768a20c4e27e822d1b8f3284f3
sha512: 20da4cb651c1c7db873a9276ae1ac5dcbc9be9674dd334b3fc86be758a0654019177bf94a207ee37956e9f3ed26faaee15a3c417b08c5f2ff1de3ebf5b1d9645
ssdeep: 192:PVECocFUWe+o52mJibUaLUn3Mc4mhOuAC4CTPrGnBUVfjuDAQAfYdt6By7ZiAi:NocF13oEmsbU33cmUuAvsrWUFkTaOwA
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows


Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9 Hewlett-Packard 2018
Assembly Version: 1.0.0.0
InternalName: Wlock.exe
FileVersion: 1.0.0.0
CompanyName: Hewlett-Packard
LegalTrademarks: 
Comments: 
ProductName: Wlock
ProductVersion: 1.0.0.0
FileDescription: Wlock
OriginalFilename: Wlock.exe

Trojan.Ransom.WLock (A) also known as:

K7AntiVirusTrojan ( 700000121 )
CynetMalicious (score: 99)
ALYacTrojan.GenericKD.12716974
CylanceUnsafe
ZillyaTrojan.Agent.Win32.894202
SangforRansom.MSIL.Agent.gqf
CrowdStrikewin/malicious_confidence_80% (D)
K7GWTrojan ( 700000121 )
Cybereasonmalicious.00aa98
SymantecRansom.HiddenTear!g1
ESET-NOD32a variant of MSIL/Filecoder.AK
APEXMalicious
AvastWin32:Malware-gen
KasperskyTrojan-Ransom.MSIL.Agent.gqf
BitDefenderTrojan.GenericKD.12716974
NANO-AntivirusTrojan.Win32.Ransom.ewwube
MicroWorld-eScanTrojan.GenericKD.12716974
TencentMsil.Trojan.Agent.Wogb
Ad-AwareTrojan.GenericKD.12716974
SophosMal/Generic-S
ComodoMalware@#3jh5whvaptq97
BitDefenderThetaGen:NN.ZemsilF.34690.am0@aCo@YDb
VIPRETrojan.Win32.Generic!BT
TrendMicroRansom_WLOCK.THEBAAH
McAfee-GW-EditionRansomware-FTD!6395B7400AA9
FireEyeGeneric.mg.6395b7400aa98136
EmsisoftTrojan.Ransom.WLock (A)
SentinelOneStatic AI – Suspicious PE
AviraHEUR/AGEN.1123172
eGambitUnsafe.AI_Score_99%
MicrosoftTrojan:Win32/Dynamer!rfn
ArcabitTrojan.Generic.DC20BAE
AegisLabTrojan.Win32.Generic.4!c
GDataTrojan.GenericKD.12716974
AhnLab-V3Trojan/Win32.Agent.C2414824
McAfeeRansomware-FTD!6395B7400AA9
MAXmalware (ai score=99)
PandaTrj/GdSda.A
TrendMicro-HouseCallRansom_WLOCK.THEBAAH
RisingRansom.Agent!8.6B7 (CLOUD)
IkarusTrojan-Ransom.HiddenTear
FortinetMSIL/Filecoder.AK!tr
AVGWin32:Malware-gen
Paloaltogeneric.ml

How to remove Trojan.Ransom.WLock (A)?

Trojan.Ransom.WLock (A) removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

You may also like

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

View all posts

Leave a Comment