Bird_banner_small4
Trojan.MSIL.HiddenTear.DGSOM
TSL ID TSL20170215-01
Severity Moderate
Description

Trojan.MSIL.HiddenTear.DGSOM is a ransomware Trojan that targets the Windows platform. This malware generates a password and sends it to a remote server. The malware encrypts files on the infected machine. It then demands the infected user to pay a ransom in order to get the files decrypted.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 051DB71CDFD3A5E1F99CDEC2C964B771
SHA1:
  • 7F0E762FE6AA75E2C5CA2EB09CDFC18D9B466FF8
Identifiers
Kaspersky
  • TROJAN-RANSOM.WIN32.GEN.COT
McAfee
  • RANSOMWARE-FTD!051DB71CDFD3
Microsoft Malware Protection Center
Symantec
  • TROJAN.GEN.2
TrendMicro
AegisLab
  • LUHE.FIHA.GEN!C
Arcabit
  • TROJAN.GENERIC.D1384067
AVG
  • LUHE.FIHA.A
Avira
  • TR/ATRAPS.PAGWE
BitDefender
  • TROJAN.GENERIC.20463719
Fortinet
  • W32/GEN.COT!TR
Ikarus
  • RANSOM.MSIL.RYZERLO
Qihoo-360
  • WIN32/TROJAN.331
Rising
  • RANSOM.GEN!8.DE83-CDESMWIHKDC
Tencent
  • WIN32.TROJAN.GEN.CHP
Yandex
  • TROJAN.GEN!MVQ9IG/XX5Q
References https://www.bleepingcomputer.com/news/security/the-week-in-ransomware-february-10th-2017-serpent-spora-id-ransomware/
Related Threats