Win32/Filecoder.OLC

What is the Win32:Evo-gen [Trj] virus?
Written by Robert Bailey
Seeing the Win32/Filecoder.OLC detection usually means that your PC is in serious danger. This malware is ransomware – a type of malware that encrypts your files and asks you to pay for their decryption. Deleting it requires specific steps that must be taken as soon as possible.

Win32/Filecoder.OLC is a malware detection you may see on your computer. It often shows up after certain preceding activities on your PC – opening suspicious e-mail messages, clicking a banner on the Internet, or installing a program from an untrustworthy source. From the moment it shows up, you have a short time to act before it starts its destructive activity. And be sure – it is far better not to wait for these harmful effects.

What is the Win32/Filecoder.OLC virus?

Win32/Filecoder.OLC is ransomware-type malware. It searches for files on your disk drives, encrypts them, and then asks you to pay a ransom to receive the decryption key. Besides locking your documents, this malware also does a lot of damage to your system. It modifies the network settings to prevent you from looking up removal guides or downloading an anti-malware program. In rare cases, Win32/Filecoder.OLC can even stop anti-malware programs from launching.

Win32/Filecoder.OLC Summary

In summary, the observed characteristics and actions of Win32/Filecoder.OLC on an infected PC are:

  • The binary contains an unknown PE section name indicative of packing;
  • The Authenticode signature is invalid;
  • Encrypting the documents kept on the target’s drives, so the victim cannot open these documents;
  • Blocking the launch of .exe files of anti-virus programs;
  • Blocking the launch of installation files of anti-malware apps.

Ransomware has been a nightmare for the last 4 years. It is hard to picture a more hazardous kind of malware for both individual users and businesses. The algorithms used in Win32/Filecoder.OLC (typically, RHA-1028 or AES-256) cannot be broken, with minor exceptions. Breaking them by brute force would take longer than our galaxy has existed, and possibly longer than it will exist. But the virus does not do all these terrible things instantly – it can take up to a few hours to encrypt all of your documents. Hence, seeing the Win32/Filecoder.OLC detection is a clear signal that you have to start the removal procedure.

Where did I get the Win32/Filecoder.OLC?

Win32/Filecoder.OLC is distributed by the same methods as other ransomware. These are one-day landing websites where users are offered free software to download and install, so-called bait e-mails, and hacktools. Bait e-mails are a relatively new strategy in malware distribution – you get an e-mail that mimics a routine notification about a delivery or a change in bank service conditions. The e-mail contains a malicious MS Office file or a link that leads to an exploit landing site.

Malicious email message. This one tricks you into opening a phishing website.

Avoiding it looks quite simple, but still demands a lot of attention. Malware can hide in different places, and it is much better to stop it before it gets onto your PC than to rely on an anti-malware program. General cybersecurity awareness is essential in the modern world, even if you use your PC only to watch YouTube videos. It can save you a great deal of the money and time you would otherwise spend searching for a fix guide.

Win32/Filecoder.OLC malware technical details

File Info:

name: 1B864B1853195A809B04.mlw
path: /opt/CAPEv2/storage/binaries/accd5bcf57e8f9ef803079396f525955d2cfffbf5fe8279f744ee17a7c7b9aac
crc32: 430896BA
md5: 1b864b1853195a809b04c32091a8d077
sha1: ac4b698d369d2d031b33307a8a6bfdffb3d48010
sha256: accd5bcf57e8f9ef803079396f525955d2cfffbf5fe8279f744ee17a7c7b9aac
sha512: 063a6bb95035414f1eec580dafbf5b4748ed63892a5905bfa8c600f17e95f45a2c4e8c2948807448eb6833f0260ff7aaede288f8d169990f80b41759def03534
ssdeep: 24576:oYj5E9T+xHeQhNmYOnW8FQrbID+u9vxUs:Z5E9LQvRrtSvJ
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T10F356D2BF246F53EC46A1ABA4AA3A3185C3B7B5165368C0E57F40D8CCE2D4412E3B747
sha3_384: 88c07c1edaa13300eca0b5980d27c88a94aaaea7d53747cbe582a9d3f2688c8e0f0c96216a0b3608e4aec67f98e2b9b4
ep_bytes: 558becb90f0000006a006a004975f951
timestamp: 2022-11-13 06:29:56

Version Info:

0: [No Data]

Win32/Filecoder.OLC also known as:

| Vendor | Detection |
|---|---|
| Elastic | malicious (high confidence) |
| Cynet | Malicious (score: 100) |
| Cylance | Unsafe |
| Zillya | Trojan.Filecoder.Win32.27690 |
| CrowdStrike | win/malicious_confidence_70% (D) |
| BitDefender | Gen:Variant.Fragtor.168126 |
| K7GW | Trojan ( 7000000f1 ) |
| K7AntiVirus | Trojan ( 7000000f1 ) |
| ESET-NOD32 | a variant of Win32/Filecoder.OLC |
| APEX | Malicious |
| Kaspersky | HEUR:Trojan-Ransom.Win32.Generic |
| MicroWorld-eScan | Gen:Variant.Fragtor.168126 |
| Avast | Win32:RansomX-gen [Ransom] |
| Tencent | Malware.Win32.Gencirc.10bdaac9 |
| Ad-Aware | Gen:Variant.Fragtor.168126 |
| DrWeb | Trojan.MulDrop21.15237 |
| VIPRE | Gen:Variant.Fragtor.168126 |
| FireEye | Generic.mg.1b864b1853195a80 |
| Emsisoft | Gen:Variant.Fragtor.168126 (B) |
| GData | Gen:Variant.Fragtor.168126 |
| MAX | malware (ai score=89) |
| Antiy-AVL | Trojan/Win32.Filecoder |
| Arcabit | Trojan.Fragtor.D290BE |
| ZoneAlarm | HEUR:Trojan-Ransom.Win32.Generic |
| Microsoft | Trojan:Win32/Wacatac.B!ml |
| Google | Detected |
| AhnLab-V3 | Trojan/Win.Generic.C5148943 |
| ALYac | Gen:Variant.Fragtor.168126 |
| Malwarebytes | Ransom.CryLocker |
| Rising | Ransom.Agent!8.6B7 (TFE:5:x99z1KkbN4B) |
| Ikarus | Trojan.Win32.Delf |
| MaxSecure | Trojan.Malware.300983.susgen |
| Fortinet | W32/Filecoder.OLC!tr.ransom |
| BitDefenderTheta | AI:Packer.574DCA261E |
| AVG | Win32:RansomX-gen [Ransom] |
| Cybereason | malicious.d369d2 |
| Panda | Trj/GdSda.A |

How to remove Win32/Filecoder.OLC?

Win32/Filecoder.OLC malware is extremely hard to erase manually. It stores its files in numerous locations throughout the disk and can restore itself from any one of them. Moreover, its numerous alterations to the registry, networking configuration and Group Policies are quite hard to find and revert to the original state. It is much better to use a dedicated program, namely an anti-malware app. GridinSoft Anti-Malware is the best fit for malware removal.

Why GridinSoft Anti-Malware? It is pretty lightweight and has its databases updated nearly every hour. In addition, it does not have such problems and exploits as Microsoft Defender does. The combination of these details makes GridinSoft Anti-Malware ideal for removing malware of any kind.

Remove the viruses with GridinSoft Anti-Malware

  • Download and install GridinSoft Anti-Malware. After the installation, you will be offered to perform the Standard Scan. Approve this action.
  • The Standard Scan checks the logical disk where the system files are stored, together with the files of programs you have already installed. The scan lasts up to 6 minutes.
  • When the scan is over, you may choose the action for each detected virus. For all files of Win32/Filecoder.OLC the default option is “Delete”. Press “Apply” to finish the malware removal.

About the author

Robert Bailey

I'm Robert Bailey, a passionate Security Engineer with a deep fascination for all things related to malware, reverse engineering, and white hat ethical hacking.

As a white hat hacker, I firmly believe in the power of ethical hacking to bolster security measures. By identifying vulnerabilities and providing solutions, I contribute to the proactive defense of digital infrastructures.
