How to remove “Malware-Cryptor.Cidox.9413”?

Malware-Cryptor.Cidox.9413 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to fully scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware-Cryptor.Cidox.9413 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Russian
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Executable file is packed/obfuscated with MPRESS
  • Authenticode signature is invalid
  • Collects information to fingerprint the system
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware-Cryptor.Cidox.9413?

File Info:

name: 32B5D6C7A5CF2EC6D4DA.mlw
path: /opt/CAPEv2/storage/binaries/b1dc0b8812fe317311a4e7c446e96b67471b9d996a9e972a439782bb13d3e2ef
crc32: 2CB3CD3B
md5: 32b5d6c7a5cf2ec6d4daea19591017ee
sha1: 03baba51314771e6e2b96165171f68488508da67
sha256: b1dc0b8812fe317311a4e7c446e96b67471b9d996a9e972a439782bb13d3e2ef
sha512: a174a030a1fd9241513a7970335ae58d660b3ca38a17183e4a37e0f3395ca513bf5eaa3c8fe0cfef703c630283b20841ba9d5dc93f779b176ab14b9d4cfac942
ssdeep: 6144:bMJ7Ql7ADyVL0/InyhSlUdo+DwNsA5MSD4jA:b67QODtIrwQ5OA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F434BECAEF91041BD95ACCF00D382136554A6DC94639B38FB2F5F92F46B40B5B628BD2
sha3_384: ca4471bef6d6d6d20197fe98d2c771657663c08bb9f2f390bac9456ea89ae775c8266b07214e85f782cdf434ebe6ba75
ep_bytes: 558bec51689c0100006a00ff150cc140
timestamp: 2013-04-09 17:09:09

Version Info:

CompanyName: Корпорация Майкрософт
FileDescription: Редактор личных символов
Translation: 0x0419 0x04b0

Malware-Cryptor.Cidox.9413 also known as:

  • Bkav: W32.AIDetectMalware
  • Elastic: malicious (high confidence)
  • DrWeb: Trojan.Redirect.140
  • MicroWorld-eScan: Trojan.GenericKDZ.95632
  • ClamAV: Win.Packed.Lethic-7615835-0
  • FireEye: Generic.mg.32b5d6c7a5cf2ec6
  • McAfee: GenericRXCQ-PF!32B5D6C7A5CF
  • Malwarebytes: Generic.Malware.AI.DDS
  • Zillya: Trojan.Kryptik.Win32.4304737
  • Sangfor: Trojan.Win32.Save.a
  • K7AntiVirus: Trojan ( 0052964f1 )
  • K7GW: Trojan ( 0052964f1 )
  • CrowdStrike: win/malicious_confidence_100% (D)
  • BitDefenderTheta: Gen:NN.ZexaF.36662.pq1@aS7m49kc
  • Cyren: W32/Gepys.AT.gen!Eldorado
  • Symantec: Packed.Generic.459
  • tehtris: Generic.Malware
  • ESET-NOD32: a variant of Win32/Kryptik.AYMY
  • APEX: Malicious
  • Cynet: Malicious (score: 100)
  • Kaspersky: HEUR:Trojan.Win32.Generic
  • BitDefender: Trojan.GenericKDZ.95632
  • NANO-Antivirus: Trojan.Win32.Redirect.bsljsq
  • Avast: Win32:Gepys-E [Trj]
  • Tencent: Trojan.Win32.Kryptik.16000289
  • Emsisoft: Trojan.GenericKDZ.95632 (B)
  • F-Secure: Trojan.TR/Crypt.XPACK.Gen
  • Baidu: Win32.Trojan.Agent.eq
  • VIPRE: Trojan.GenericKDZ.95632
  • TrendMicro: TROJ_KRYPTK.SMAD
  • McAfee-GW-Edition: BehavesLike.Win32.Generic.dh
  • Trapmine: malicious.high.ml.score
  • Sophos: Troj/Gyepis-A
  • SentinelOne: Static AI – Malicious PE
  • GData: Trojan.GenericKDZ.95632
  • Jiangmin: Trojan/Generic.avodd
  • Webroot: W32.Dropper.Gen
  • Avira: TR/Crypt.XPACK.Gen
  • MAX: malware (ai score=87)
  • Antiy-AVL: Virus/Win32.Expiro.imp
  • Xcitium: TrojWare.Win32.Kryptik.AYQE@4wlbfl
  • Arcabit: Trojan.Generic.D17590
  • ZoneAlarm: HEUR:Trojan.Win32.Generic
  • Microsoft: Trojan:Win32/Vindor!pz
  • Google: Detected
  • AhnLab-V3: Trojan/Win32.ShipUp.R257322
  • Acronis: suspicious
  • VBA32: Malware-Cryptor.Cidox.9413
  • ALYac: Trojan.GenericKDZ.95632
  • Cylance: unsafe
  • Panda: Trj/Genetic.gen
  • TrendMicro-HouseCall: TROJ_KRYPTK.SMAD
  • Rising: Trojan.Kryptik!1.AB8B (CLASSIC)
  • Yandex: Trojan.GenAsa!pnAQeCjy1M0
  • Ikarus: Trojan-Dropper.Win32.Gepys
  • MaxSecure: Trojan.Malware.300983.susgen
  • Fortinet: W32/Kryptik.AYUW!tr
  • AVG: Win32:Gepys-E [Trj]
  • Cybereason: malicious.131477
  • DeepInstinct: MALICIOUS

How to remove Malware-Cryptor.Cidox.9413?

Malware-Cryptor.Cidox.9413 removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.