Ransom Trojan

Should I remove “Trojan.RansomKD.12128199”?

Malware Removal

Trojan.RansomKD.12128199 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.RansomKD.12128199 virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Network activity detected but not expressed in API logs

How to identify Trojan.RansomKD.12128199?

File Info:

crc32: ACEFA509
md5: 92c553ee9bc3a00651ab9c8ae36a2e64
name: 92C553EE9BC3A00651AB9C8AE36A2E64.mlw
sha1: dc1a1ff563f5c6a9da73862ad2c83c9dab401fed
sha256: 724af2c43ee4cf62a92bbb84788ce488aa7848358762ea3b6a9968bad8620fb7
sha512: 68e1cf664860acf3b67f12c05592bc37d486af70499ee2f8b98b3ad9ed9c1335ef6c5ab7f9a82d936c079b7b32df1874e3c9edd5f619f346913642858f7bcef6
ssdeep: 12288:kBw4tn8y3AGmEvX+3IdpvX5E6opcLyXTHSo0+UjuHENDPrBb1W:eFtNfmEvX+i/hopIyDy3+Gpto
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:

LegalCopyright: © 2017 HEI - Hoangkhien.com
InternalName: Hoàng Khiển Easy Install Tools
FileVersion: 2.0.1.7
CompanyName: https://hoangkhien.com
ProductName: HEI
ProductVersion: 2.0.1.7
FileDescription: Camtasia Studio Easy Install
OriginalFilename: Camtasia Studio Easy Install.exe
Translation: 0x0809 0x04b0

Trojan.RansomKD.12128199 also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Generic.4!c
ClamAV: Win.Dropper.Autit-8177147-0
ALYac: Trojan.RansomKD.12128199
BitDefender: Trojan.RansomKD.12128199
Cybereason: malicious.e9bc3a
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
MicroWorld-eScan: Trojan.RansomKD.12128199
Tencent: Win32.Trojan.Startpage.Htvp
Ad-Aware: Trojan.RansomKD.12128199
FireEye: Trojan.RansomKD.12128199
Sophos: Mal/Generic-S
GData: Trojan.RansomKD.12128199
MAX: malware (ai score=100)
Yandex: Trojan.StartPage!m7EnGGrzxQo

How to remove Trojan.RansomKD.12128199?

Trojan.RansomKD.12128199 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
