Bird_banner_small4
Torjan.Win32.Mytreex.A
TSL ID TSL20170608-01
Severity Moderate
Description

Torjan.Win32.Mytreex.A is a ransomware Trojan that targets Windows platform. The malware encrypts files with specific extensions on the infected system. It uses custom encryption to encrypt the files. The malware communicate with its remote sever to inform the phases of the encryption. Moreover, it uses HTA and RTF files to display the ransom notes.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 36A0CEFEB8B0A606358142D4140EA7CF
SHA1:
  • 03CE13B4F60D2FC632B67B41B82B5E8CFAF9939F
Identifiers
McAfee
  • GENERICRXBE-RQ!36A0CEFEB8B0
Microsoft Malware Protection Center
Symantec
  • RANSOM.KOVTER
TrendMicro
AegisLab
  • TROJ.RANSOM.W32!C
AhnLab-V3
  • TROJAN/WIN32.MATRIXRAN.R198043
ALYac
  • TROJAN.RANSOM.MATRIX
Arcabit
  • TROJAN.GENERIC.D48F20D
Avira
  • TR/AD.CHACHARANSOM.ZSTMG
BitDefender
  • TROJAN.GENERICKD.4780557
Bkav
  • W32.DONTOSEYDBS.TROJAN
CAT-QuickHeal
  • RANSOM.MATRIX
Cyren
  • W32/TROJAN.OXUU-5277
DrWeb
  • TROJAN.INJECT2.52642
ESET-NOD32
  • WIN32/FILECODER.NKD
Fortinet
  • W32/GENERIC.AC.3EE523!TR
Ikarus
  • TROJAN-RANSOM.MATRIX
Jiangmin
  • TROJANDOWNLOADER.AGENT.FKXZ
NANO-Antivirus
  • TROJAN.WIN32.MATRIX.ENNKAD
nProtect
  • RANSOM/W32.MATRIX.371712
Tencent
  • WIN32.TROJAN.RAAS.AUTO
ViRobot
  • TROJAN.WIN32.RANSOM.371712
Yandex
  • TROJAN.FILECODER!CFNBNRHY9/W
Zillya
  • TROJAN.MATRIX.WIN32.4
ZoneAlarm
  • HEUR:TROJAN.WIN32.GENERIC
References https://www.bleepingcomputer.com/news/security/matrix-ransomware-spreads-to-other-pcs-using-malicious-shortcuts/
https://www.microsoft.com/security/portal/threat/encyclopedia/entry.aspx?Name=Ransom:Win32/Mytreex.A&ThreatID=-2147246507
Related Threats