How to remove "Win32:WanaCry-A [Trj]"?

The Win32:WanaCry-A [Trj] is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32:WanaCry-A [Trj] virus can do?

Creates RWX memory
A process attempted to delay the analysis task.
Attempts to connect to a dead IP:Port (460 unique times)
Reads data out of its own binary image
A process created a hidden window
Drops a binary and executes it
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Attempts to repeatedly call a single API many times in order to delay analysis time
Installs itself for autorun at Windows startup
Creates a hidden or system file
EternalBlue behavior
Generates some ICMP traffic
Anomalous binary characteristics

Related domains:

www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com

ww38.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwff.com

How to determine Win32:WanaCry-A [Trj]?


File Info:
crc32: 3FE75CA4
md5: e13911c54daba2f1da0efb3f32ba87cb
name: tmpg_86w3p3
sha1: be098ce6bb9b0af16c0204c7ddb173f06cc4df22
sha256: bdc199a4011db698b1abe3f283c2901a2e222463c6890b47229992b348afc76b
sha512: 8b151618d43e3f9d8fb2b3d43bdaa640d4583d2df7383a2c68f1d45c546882c919654b3156d649e5b55fbfa886facef4b945ff3630bbb8b9d0a320734aec634e
ssdeep: 24576:RbLgurihdmMSirYbcMNgef0QeQjG/D8kIqRYoAdNLK:RnnMSPbcBVQej/1IN
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Win32:WanaCry-A [Trj] also known as:

K7AntiVirus	Exploit ( 0050d7a31 )
MicroWorld-eScan	Trojan.GenericKD.12015782
nProtect	Ransom/W32.WannaCry.5267459.F
CAT-QuickHeal	Ransom.Zenshirsh.SL8
ALYac	Trojan.GenericKD.12015782
Malwarebytes	Ransom.WannaCrypt
VIPRE	Trojan.Win32.Generic!BT
TheHacker	Trojan/Exploit.CVE-2017-0147.a
K7GW	Exploit ( 0050d7a31 )
CrowdStrike	malicious_confidence_100% (D)
Arcabit	Trojan.Generic.DB758A6
TrendMicro	Ransom_WCRY.SMJ
Baidu	Win32.Worm.Rbot.a
Symantec	Ransom.Wannacry
TrendMicro-HouseCall	Ransom_WCRY.SMJ
Avast	Win32:WanaCry-A [Trj]
ClamAV	Win.Ransomware.WannaCry-6313787-0
Kaspersky	Trojan-Ransom.Win32.Wanna.m
BitDefender	Trojan.GenericKD.12015782
NANO-Antivirus	Trojan.Win32.Wanna.epxkni
ViRobot	Trojan.Win32.WannaCry.5267459
Tencent	Suspicious.Heuristic.Gen.b.0
Ad-Aware	Trojan.GenericKD.12015782
Emsisoft	Trojan.GenericKD.12015782 (B)
F-Secure	Trojan.GenericKD.12015782
DrWeb	Trojan.Encoder.11432
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.RansomWannaCry.tz
Ikarus	Trojan.Win32.Exploit
Cyren	W32/WannaCrypt.A.gen!Eldorado
Jiangmin	Trojan.Wanna.k
Webroot	W32.Trojan.Gen
Avira	TR/WannaCrypt.wffqt
Antiy-AVL	Trojan[Ransom]/Win32.Wanna
Endgame	malicious (high confidence)
AegisLab	Troj.Ransom.W32.Wanna.toP0
ZoneAlarm	Trojan-Ransom.Win32.Wanna.m
GData	Win32.Exploit.CVE-2017-0147.A
AhnLab-V3	Trojan/Win32.WannaCryptor.R200894
AVware	Trojan.Win32.Generic!BT
MAX	malware (ai score=81)
VBA32	Hoax.Wanna
Cylance	Unsafe
ESET-NOD32	Win32/Exploit.CVE-2017-0147.A
Rising	Exploit.EternalBlue!1.AAED (CLASSIC)
Yandex	Exploit.CVE-2017-0147!
SentinelOne	static engine – malicious
eGambit	Trojan.Generic
AVG	Win32:WanaCry-A [Trj]
Panda	Trj/GdSda.A
Qihoo-360	QVM26.1.Malware.Gen

How to remove Win32:WanaCry-A [Trj]?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

How to remove “Win32:WanaCry-A [Trj]”?