Ransom.Qilin

Ransom.Qilin is Malwarebytes’ detection name for a prevalent ransomware family.

Ransom.Qilin is ransomware. Ransomware in general makes files on the victims system unusable until the ransom is paid. Ransom.Qilin not only encrypts a victims files, but also threatens to publish them.  The ransomware component is separate from the data stealer.
Common infection vectors are spear phishing and exploitation of Remote Monitoring & Management (RMM) software.

Malwarebytes detects and blocks Ransom.Qilin

How to remove Ransom.Qilin with the Malwarebytes Nebula console

You can use the Malwarebytes Anti-Malware Nebula console to scan endpoints.

Nebula endpoint tasks menu

Choose the Scan + Quarantine option. Afterwards you can check the Detections page to see which threats were found.

On the Quarantine page you can see which threats were quarantined and restore them if necessary.

Malwarebytes can detect and remove Ransom.Qilin without further user interaction.

Reboot the system if prompted to complete the removal process.

Please download Malwarebytes to your desktop.

Double-click MBSetup.exe and follow the prompts to install the program.

When your Malwarebytes for Windows installation completes, the program opens to the Welcome to Malwarebytes screen.

Click on the Get started button.

Click Scan to start a Threat Scan.

Click Quarantine to remove the found threats.