Bird_banner_small4
Trojan.MSIL.HiddenTearGCFS.A
TSL ID TSL20170419-06
Severity Moderate
Description

Trojan.MSIL.HiddenTearGCFS.A is a ransomware Trojan that targets the Windows platform. The malware encrypts files on the infected system. The malware sends the encryption keys and the collected system information to the remote attacker by email. It leaves the ransom note on the infected machine. The ransom note contains instructions in order to get the files decrypted.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 11A448B7E6003EF042C02BA9D1AF6B87
SHA1:
  • 8782A97E5C1799FD47AAF2F85457BBCCCBA028C6
Identifiers
McAfee
  • RANSOMWARE-FTD!11A448B7E600
Sophos
  • MAL/MSILRNSM-A
Symantec
  • TROJAN.GEN.2
TrendMicro
AhnLab
  • TROJAN/WIN32.RANSOM.C1853857
Arcabit
  • TROJAN.RANSOM.HIDDENTEARS.1
AVG
  • ATROS5.NTQ
Baidu
  • WIN32.TROJAN.WISDOMEYES.16070401.9500.9797
BitDefender
  • GEN:HEUR.RANSOM.HIDDENTEARS.1
ClamAV
  • WIN.RANSOMWARE.HIDDENTEARS-6238085-0
Cyren
  • W32/RANSOM.DKFH-6300
DrWeb
  • TROJAN.ENCODER.10458
ESET
  • MSIL/FILECODER.AK
Fortinet
  • W32/GENERIC.FTD!TR
GData
  • WIN32.TROJAN-RANSOM.FILECODER.P@GEN
NANO-Antivirus
  • TROJAN.WIN32.FILECODER.EMEFBD
Qihoo-360
  • WIN32/TROJAN.RANSOM.786
Rising
  • RANSOM.RYZERLO!8.782
Tencent
  • WIN32.TROJAN.SPY.DXDC
ViRobot
  • TROJAN.WIN32.Z.RANSOM.211968.AX
Webroot
  • W32.GEN.BT
Yandex
  • TROJAN.AGENT!0GYWW6LLYKG
References https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-recap-old-ransomware-new-features
Related Threats