Ransom Trojan

VHO:Trojan-Ransom.Win32.Encoder (file analysis)

Malware Removal

VHO:Trojan-Ransom.Win32.Encoder is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the VHO:Trojan-Ransom.Win32.Encoder virus do?

  • Executable code extraction
  • The binary likely contains encrypted or compressed data.
  • Spoofs its process name and/or associated pathname to appear as a legitimate process
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

How to identify VHO:Trojan-Ransom.Win32.Encoder?


File Info:

crc32: E08B6163
md5: 011e7e0fabf17e10d1d4bdd36b5117ec
name: 011E7E0FABF17E10D1D4BDD36B5117EC.mlw
sha1: 7944ae1d281bbeeb6f317e2ececf6b4c83e63a06
sha256: 61ca175c2f04cb5279f8507e69385577cf04e4e896a01d0b5357746a241c7846
sha512: b6226b92f469da8cc9d9c85676fad69dcf8dccac2b982d7220d13f677d2c397f3cd97a52fd1ef1998bb098fbf999f615aa3dd171c1eeaca6249a21c6f849a470
ssdeep: 1536:71dR0NQhVdXGwNL5rlpX8f8L65VXLtrVxWG3:71dRjh241Xe5VXhrqG
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

VHO:Trojan-Ransom.Win32.Encoder also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0057a0261 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.33763
Cynet: Malicious (score: 100)
Cylance: Unsafe
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 0057a0261 )
Cybereason: malicious.d281bb
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Filecoder.DarkSide.B
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: VHO:Trojan-Ransom.Win32.Encoder.gen
NANO-Antivirus: Virus.Win32.Gen-Crypt.ccnc
Sophos: ML/PE-A
BitDefenderTheta: Gen:NN.ZexaF.34670.duW@aiXhssh
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: BehavesLike.Win32.Generic.qc
FireEye: Generic.mg.011e7e0fabf17e10
Avira: TR/Crypt.XPACK.Gen
eGambit: Unsafe.AI_Score_56%
Microsoft: Ransom:Win32/DarkSide.G!MSR
GData: Win32.Trojan.Agent.Q8HMNK
AhnLab-V3: Behavior_Ransom/Win.DarkSide.C4401014
Acronis: suspicious
McAfee: Artemis!011E7E0FABF1
Malwarebytes: Malware.Heuristic.1003
TrendMicro-HouseCall: Ransom_DarkSide.R011C0DD221
Rising: Malware.Heuristic!ET#97% (RDMK:cmRtazovLGinE1INBxBPMg+2vOZY)
SentinelOne: Static AI – Malicious PE
Fortinet: W32/DarkSide.B!tr.ransom
AVG: Win32:Trojan-gen
Qihoo-360: Win32/Ransom.Generic.HxMBWNsA

How to remove VHO:Trojan-Ransom.Win32.Encoder?

VHO:Trojan-Ransom.Win32.Encoder removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
