Backdoor.MSIL.Crysan.hkf removal instructions

Backdoor.MSIL.Crysan.hkf is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Backdoor.MSIL.Crysan.hkf virus do?

  • Sample contains Overlay data
  • Reads data out of its own binary image
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Backdoor.MSIL.Crysan.hkf?

File Info:

name: 66DB072003DC3FC6A19A.mlw
path: /opt/CAPEv2/storage/binaries/86ae0c458e315905e79d380ed792a3487cafe7e55a6a8b373d3e0039b4677ee7
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2023-05-29 16:03:38

Version Info:

0: [No Data]

Backdoor.MSIL.Crysan.hkf also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Crysan.4!c
FireEye: Generic.mg.66db072003dc3fc6
Cylance: unsafe
Zillya: Trojan.Generic.Win32.1726339
Sangfor: Trojan.Win32.Agent.Vsqs
CrowdStrike: win/malicious_confidence_70% (W)
Symantec: Trojan.Gen.MBT
Elastic: malicious (high confidence)
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: Backdoor.MSIL.Crysan.hkf
Avast: Win32:Malware-gen
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
Sophos: Mal/Generic-S
Microsoft: Trojan:Win32/Sonbokli.A!cl
ZoneAlarm: Backdoor.MSIL.Crysan.hkf
McAfee: Artemis!66DB072003DC
VBA32: TrojanSpy.Cordimik
Panda: Trj/Chgt.AD
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/PossibleThreat
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Backdoor.MSIL.Crysan.hkf?

Backdoor.MSIL.Crysan.hkf removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.