Bird_banner_small4
Trojan.Win32.Gibon.A
TSL ID TSL20171107-08
Severity Moderate
Description

Trojan.Win32.Gibon.A is a ransomware Trojan that targets the Windows platform. It is reported that the malware has been used in attacks. The malware collects system information and sends it to a remote server. It encrypts files on the infected system. It then demands the infected user to pay a ransom in order to get the files decrypted.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 5BAED5607749DEABDDD1722F3C3BFA0F
SHA1:
  • 11CDB444BB7453B65453D584815005E228A1FE5D
Identifiers
Kaspersky
  • TROJAN-RANSOM.WIN32.CRYPREN.ADYO
Microsoft Malware Protection Center
Sophos
  • TROJ/RANSOM-ERY
Symantec
  • RANSOM.CRYPTXXX
TrendMicro
AhnLab
  • TROJAN/WIN32.CRYPREN.R212092
ALYac
  • TROJAN.RANSOM.GIBON
Arcabit
  • TROJAN.SYMMI.D13600
Avira
  • TR/CRYPREN.IQWAD
BitDefender
  • GEN:VARIANT.SYMMI.79360
Cybereason
  • MALICIOUS.1B8FB7
Cyren
  • W32/TROJAN.XJLY-3574
DrWeb
  • TROJAN.ENCODER.15110
ESET
  • WIN32/FILECODER.GIBON.A
Fortinet
  • W32/CRYPREN.ADYO!TR
GData
  • WIN32.TROJAN-RANSOM.GIBON.A
Jiangmin
  • TROJAN.CRYPREN.KD
NANO-Antivirus
  • TROJAN.WIN32.MLW.EUSWLF
Qihoo-360
  • WIN32/TROJAN.AB6
Tencent
  • WIN32.TROJAN.SYMMI.SYSK
ViRobot
  • TROJAN.WIN32.S.CRYPREN.535040
Webroot
  • W32.CRYPREN.ADYO
References https://www.bleepingcomputer.com/news/security/gibon-ransomware-being-distributued-by-malspam/
https://www.microsoft.com/en-us/wdsi/threats/malware-encyclopedia-description?name=RANSOM:WIN32/NOBIG
Related Threats