Bird_banner_small4
Trojan.MSIL.Crypmodadv.xpm
TSL ID TSL20180109-04
Severity Moderate
Description

Trojan.MSIL.Crypmodadv.xpm is a ransomware Trojan that targets the Windows platform. This malware generates a password to encrypt files on the infected system, and sends the encryption password and system information to a remote attacker using SMTP. The malware then informs the users about the file encryption and asks for a ransom to recover the files.

Affected Products
  • Microsoft Windows All Versions
File Hashes
MD5:
  • 6442CB95D264C58703BFFC085BCBA5D9
SHA1:
  • B3AF594BCE833D6B294DC99BE3AABC4B0B802101
Identifiers
Kaspersky
  • TROJAN-RANSOM.WIN32.CRYPMODADV.XPM
McAfee
  • ARTEMIS!6442CB95D264
TrendMicro
Arcabit
  • TROJAN.GENERIC.D610135
Avira
  • TR/SPY.GEN8
Baidu
  • WIN32.TROJAN.WISDOMEYES.16070401.9500.9911
BitDefender
  • TROJAN.GENERICKD.6357301
ESET-NOD32
  • MSIL/FILECODER.AK
Fortinet
  • MSIL/FILECODER.AK!TR
Jiangmin
  • TROJAN.GENERIC.BNNIW
Qihoo-360
  • WIN32/TROJAN.SPY.155
Tencent
  • WIN32.TROJAN.SPY.WMSO
Related Threats