What is “VHO:Trojan-Ransom.MSIL.Encoder”?

VHO:Trojan-Ransom.MSIL.Encoder is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the VHO:Trojan-Ransom.MSIL.Encoder virus do?

  • Network activity detected but not expressed in API logs

How to identify VHO:Trojan-Ransom.MSIL.Encoder?

File Info:

crc32: 865441F0
md5: e8f8e4eb0d2c03f0b12fb1cf09932bbd
name: E8F8E4EB0D2C03F0B12FB1CF09932BBD.mlw
sha1: 8ae409a74a209c304233ce6c6f778915fc59264f
sha256: 81411c9010f2adcb4758bac5ed6128d5a76b24689d477f6ed2c3003fd57e4f3b
sha512: cdc0babd979a9210a80764fb8a1911d45defe937a9454d7d16e6b9c6cb1617220f103a0ebeee7fdc961198e50ec645010bffc3f24581d39a43c9237a57a3f672
ssdeep: 1536:4/M9WTLNHlHgp4YdZxInmGY4rzHoN9Od+nZYrur7H1x2vMsqj:ZMTLl+xcmGVYN9Od+n6Kr7Hvsqj
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright:
Assembly Version: 0.0.0.0
InternalName: cgpshare.exe
FileVersion: 0.0.0.0
ProductVersion: 0.0.0.0
FileDescription:
OriginalFilename: cgpshare.exe

VHO:Trojan-Ransom.MSIL.Encoder also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.EncoderNET.31368
Cynet: Malicious (score: 100)
ALYac: Trojan.MSIL.Basic.6.Gen
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Cybereason: malicious.b0d2c0
Cyren: W32/MSIL_Thanos.A.gen!Eldorado
Symantec: Ransom.Thanos
ESET-NOD32: a variant of MSIL/Filecoder.Thanos.A
APEX: Malicious
Avast: Win32:MalwareX-gen [Trj]
Kaspersky: VHO:Trojan-Ransom.MSIL.Encoder.gen
BitDefender: Trojan.MSIL.Basic.6.Gen
MicroWorld-eScan: Trojan.MSIL.Basic.6.Gen
Ad-Aware: Trojan.MSIL.Basic.6.Gen
Sophos: ML/PE-A + Troj/Kryptik-YI
F-Secure: Heuristic.HEUR/AGEN.1139343
BitDefenderTheta: AI:Packer.B2E612D71F
TrendMicro: Ransom.MSIL.THANOS.SM
McAfee-GW-Edition: Ransom-Thanos!E8F8E4EB0D2C
FireEye: Generic.mg.e8f8e4eb0d2c03f0
Emsisoft: Trojan.MSIL.Basic.6.Gen (B)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1139343
eGambit: Unsafe.AI_Score_97%
Microsoft: Ransom:MSIL/Thanos.DC!MTB
Arcabit: Trojan.MSIL.Basic.6.Gen
GData: Trojan.MSIL.Basic.6.Gen
AhnLab-V3: Malware/Win32.RL_Generic.C4295463
McAfee: Ransom-Thanos!E8F8E4EB0D2C
MAX: malware (ai score=80)
TrendMicro-HouseCall: Ransom.MSIL.THANOS.SM
Ikarus: Trojan-Ransom.Thanos
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Thanos.A!tr.ransom
AVG: Win32:MalwareX-gen [Trj]
Qihoo-360: Win32/Trojan.Generic.HwMAn74A

How to remove VHO:Trojan-Ransom.MSIL.Encoder?

VHO:Trojan-Ransom.MSIL.Encoder removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
