
Should I remove “Trojan:Win32/GandCrypt.GB!MTB”?


Trojan:Win32/GandCrypt.GB!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Trojan:Win32/GandCrypt.GB!MTB virus do?

  • Executable code extraction
  • The binary likely contains encrypted or compressed data.
  • Anomalous binary characteristics

How to identify Trojan:Win32/GandCrypt.GB!MTB?


File Info:

crc32: 720746EF
md5: e99a6653e12d6b676a8984380b387a15
name: 2c.jpg
sha1: 3c17b6a7e1f0d3be71cfa185d8866f7caccbeb46
sha256: 6556303d76c57a172c38ce49630acbceb6b5fb9f033a9ff0c3d1ad5668269c32
sha512: e908819771ba6eabb61433c65763593eb941554f677784657f4409cc51c7c342542e02bc2fe54caff9e3f3044ea993d29abfef499723a68222ed37cba1227941
ssdeep: 24576:zroIU88zqtrXk/VVDJAjqQDFp/a10tYXob:zrH58mtr0Z0dhpWqb
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

FileOldVersion: 1.0.4.4
ProductVersion: 1.7.6
Copyrighd: Copyrighd (C) 2020, odfgbiv
InternalNameTwo: gjtrrh.exe
Translation: 0x0841 0x04c4

Trojan:Win32/GandCrypt.GB!MTB also known as:

MicroWorld-eScan: Trojan.GenericKD.32727374
CAT-QuickHeal: Ransom.Troldesh
McAfee: Ransomware-GRA!E99A6653E12D
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
K7AntiVirus: Trojan ( 0055bbd91 )
K7GW: Trojan ( 0055bbd91 )
Cybereason: malicious.7e1f0d
TrendMicro: TROJ_FRS.VSNW12K19
Symantec: Downloader
ESET-NOD32: a variant of Win32/Kryptik.GYNN
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Dropper.Tofsee-7402230-0
Kaspersky: not-a-virus:NetTool.Win32.TorTool.abh
BitDefender: Trojan.GenericKD.32727374
NANO-Antivirus: Trojan.Win32.Encoder.gixgyo
Rising: Trojan.Kryptik!1.BE74 (CLASSIC)
Ad-Aware: Trojan.GenericKD.32727374
Comodo: Malware@#25wk32zyd6437
F-Secure: Trojan.TR/AD.Troldesh.vauvq
DrWeb: Trojan.Encoder.858
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
Trapmine: malicious.moderate.ml.score
FireEye: Generic.mg.e99a6653e12d6b67
Sophos: Troj/Ransom-FSI
Ikarus: Trojan-Downloader.Win32.SmokeLoader
Cyren: W32/Trojan.DLBN-3946
Jiangmin: NetTool.TorTool.ax
Webroot: W32.Trojan.GenKD
Avira: TR/AD.Troldesh.vauvq
Fortinet: Malicious_Behavior.SB
Antiy-AVL: RiskWare[NetTool]/Win32.TorTool
Endgame: malicious (high confidence)
Arcabit: Trojan.Generic.D1F3614E
ViRobot: Trojan.Win32.Z.Wacatac.1036800.C
ZoneAlarm: not-a-virus:NetTool.Win32.TorTool.abh
Microsoft: Trojan:Win32/GandCrypt.GB!MTB
AhnLab-V3: Trojan/Win32.MalPe.R299953
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.32515.@y0@a4KyS0b
ALYac: Trojan.Ransom.Shade
MAX: malware (ai score=85)
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_FRS.VSNW12K19
SentinelOne: DFI – Malicious PE
MaxSecure: Trojan.Malware.74701925.susgen
GData: Trojan.GenericKD.32727374
AVG: Win32:DropperX-gen [Drp]
Avast: Win32:DropperX-gen [Drp]
CrowdStrike: win/malicious_confidence_100% (W)
Qihoo-360: Win32/Virus.NetTool.0be

How to remove Trojan:Win32/GandCrypt.GB!MTB?

Trojan:Win32/GandCrypt.GB!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
