Win32/Filecoder.Sodinokibi information

The Win32/Filecoder.Sodinokibi is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Filecoder.Sodinokibi virus can do?

The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs
Anomalous binary characteristics

How to determine Win32/Filecoder.Sodinokibi?


File Info:
crc32: 70E3991F
md5: 1ff591e2e37178684b73926816ea758c
name: upload_file
sha1: 5b79dd2791a817e283bc41f6ef3eff42c3b8f131
sha256: 2d73ce9f8e11bbbce1bec1147bf30ef60a6d362504fbf650b3c8a0ea6f7c4fbb
sha512: fd609855cbb4781456aba9da1455d5775b58971d1f73dc50dea277c3440b80440b73435ed151232da9709e74209f9166b4d29f97991b7bc4176845a26923dbbd
ssdeep: 1536:6njEER+AxX+zKxgjUtbWcpjSO/k6ICS4AokLdD:wm+xggtbWYamAd
type: PE32 executable (console) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Win32/Filecoder.Sodinokibi also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Fugrafa.10828
FireEye	Generic.mg.1ff591e2e3717868
CAT-QuickHeal	Trojan.GenericRI.S7143182
McAfee	GenericRXJB-QB!1FF591E2E371
VIPRE	Trojan.Win32.Generic!BT
K7AntiVirus	Trojan ( 0056c36b1 )
BitDefender	Gen:Variant.Fugrafa.10828
K7GW	Trojan ( 0056c36b1 )
Cybereason	malicious.2e3717
TrendMicro	Ransom_Sodinokibi.R069C0DH720
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:RansomX-gen [Ransom]
ClamAV	Win.Ransomware.Sodinokibi-7013612-0
NANO-Antivirus	Trojan.Win32.Filecoder.hvwjdn
Ad-Aware	Gen:Variant.Fugrafa.10828
Emsisoft	Gen:Variant.Fugrafa.10828 (B)
F-Secure	Trojan.TR/Crypt.XPACK.Gen
Invincea	Mal/Generic-S
McAfee-GW-Edition	GenericRXJB-QB!1FF591E2E371
Sophos	Mal/Generic-S
Ikarus	Trojan-Ransom.Sodinokibi
Webroot	W32.Trojan.Gen
Avira	TR/Crypt.XPACK.Gen
MAX	malware (ai score=83)
Antiy-AVL	Trojan[Ransom]/Win32.Sodinokibi
Microsoft	Ransom:Win32/Revil.SI!MTB
Arcabit	Trojan.Fugrafa.D2A4C
GData	Win32.Trojan-Ransom.Sodinokibi.F
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Win32.Generic.C3490719
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZexaF.34566.eyW@ayXu2vf
ALYac	Gen:Variant.Fugrafa.10828
Malwarebytes	Ransom.Sodinokibi
Panda	Trj/Genetic.gen
ESET-NOD32	Win32/Filecoder.Sodinokibi
TrendMicro-HouseCall	Ransom_Sodinokibi.R069C0DH720
Rising	Trojan.Fuery!8.EAFB (TFE:5:LKgsnobeRzN)
Yandex	Trojan.Filecoder!EKpMwhmu7m0
SentinelOne	DFI – Suspicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Graftor.2A43!tr
AVG	Win32:RansomX-gen [Ransom]
CrowdStrike	win/malicious_confidence_100% (W)
MaxSecure	Trojan.Malware.101574741.susgen

How to remove Win32/Filecoder.Sodinokibi?

Win32/Filecoder.Sodinokibi removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X