How to remove “MSIL/GenKryptik.CUII”?

MSIL/GenKryptik.CUII is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/GenKryptik.CUII virus do?

  • Executable code extraction
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify MSIL/GenKryptik.CUII?


File Info:

crc32: 5490A86D
md5: f2fe852c1507f5805945485df21476f0
name: F2FE852C1507F5805945485DF21476F0.mlw
sha1: afabc078a960749bef4739a3157a9be03576dd8d
sha256: 21881bd6bbd7c87d6ef0c947a1fcbabec4d181a7fc60ba605381b78e4cef2f69
sha512: 70fb29762bd9c7fd6877619cd8f0b873ab8a0966d5d0d327f8cdfe30c5eb921aaceb2e35e2e22f460da353b9ca51a0a5f0c60c59bf3a0136c8f9260f7d022576
ssdeep: 1536:LgWvYtiHbT1ZkHDk5cS7BU3vwnAyif/8VuD2VwXE1W3R2EuqJqKBqens2zfZ3yz:LNvsLqwLubAnw4dwTfVabdHYBjznhTr
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
Assembly Version: 1.0.0.0
FileVersion: 1.0.0.0
ProductVersion: 1.0.0.0

MSIL/GenKryptik.CUII is also known as:

K7AntiVirus: Trojan ( 00543fe51 )
Lionic: Trojan.Win32.Bladabindi.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
Cylance: Unsafe
Zillya: Trojan.GenKryptik.Win32.23348
CrowdStrike: win/malicious_confidence_70% (D)
Alibaba: Trojan:MSIL/GenKryptik.6a24e5b0
K7GW: Trojan ( 00543fe51 )
Cybereason: malicious.c1507f
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/GenKryptik.CUII
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: HEUR:Trojan.MSIL.Crypt.gen
BitDefender: Gen:Heur.MSIL.Bladabindi.1
NANO-Antivirus: Trojan.Win32.GenKryptik.flguut
MicroWorld-eScan: Gen:Heur.MSIL.Bladabindi.1
Tencent: Msil.Trojan.Crypt.Eere
Ad-Aware: Gen:Heur.MSIL.Bladabindi.1
Sophos: Mal/Generic-S
Comodo: Malware@#3ur8lhlw3003d
BitDefenderTheta: Gen:NN.ZemsilF.34294.gm0@aO2852
McAfee-GW-Edition: Artemis!Trojan
FireEye: Generic.mg.f2fe852c1507f580
Emsisoft: Gen:Heur.MSIL.Bladabindi.1 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.MSIL.mowv
Avira: TR/Dropper.Gen
Microsoft: Trojan:Win32/Occamy.C
GData: Gen:Heur.MSIL.Bladabindi.1
AhnLab-V3: Malware/RL.Generic.R252130
McAfee: Artemis!F2FE852C1507
MAX: malware (ai score=83)
VBA32: TScope.Trojan.MSIL
Malwarebytes: MachineLearning/Anomalous.94%
Panda: Trj/GdSda.A
Yandex: Trojan.Crypt!f59WjPNfLok
Ikarus: Trojan.MSIL.Krypt
Fortinet: MSIL/GenKryptik.CUIT!tr
AVG: Win32:Trojan-gen

How to remove MSIL/GenKryptik.CUII?

MSIL/GenKryptik.CUII removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.