MSIL/GenKryptik.EKWH removal guide

MSIL/GenKryptik.EKWH is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/GenKryptik.EKWH virus do?

  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs.

Related domains:

z.whorecord.xyz

How to determine MSIL/GenKryptik.EKWH?


File Info:

crc32: C181974D
md5: a67dd5c0f05223a77a8b184c7cefdf3d
name: msb.exe
sha1: fda2db0a1879ad7c24a8a5233a4785d8cfc3eb25
sha256: 8416de81f8e7d2c3f1b3d4a0f08c5cc5aaa30c272eb0642561a87f62ab104551
sha512: f488f74af847ea395aa5fb6e24c0eba59ceac45476a208429bd06cc072aac01b60e45fca4f3bfcd0e0a74a61b1ec900132a6f6c174bbb16eef4ee4a4774f1e59
ssdeep: 12288:p4o4Go/X1ZhJsKyqrODGmUxL4z0Qj/e7yUKNPF57ul3ZKEbW+xkwgzvVR9zpAAxb:jI/X1SfqrOSmUxLeLJUKNPFcl3wsWGkp
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright (c) 2000-2019 The Apache Software Foundation.
Assembly Version: 1.2.2.0
InternalName: kBSk1iIwl9gHyAW.exe
FileVersion: 1.2.2.0
CompanyName: Apache Software Foundation
Comments: Apache Commons Daemon Service Runner
ProductName: Apache Commons Daemon Service Runner
ProductVersion: 1.2.2.0
FileDescription: Apache Commons Daemon Service Runner
OriginalFilename: kBSk1iIwl9gHyAW.exe

MSIL/GenKryptik.EKWH also known as:

FireEye: Generic.mg.a67dd5c0f05223a7
Cylance: Unsafe
Sangfor: Malware
Cybereason: malicious.a1879a
Invincea: heuristic
BitDefenderTheta: Gen:NN.ZemsilF.34110.Rm0@aO!peTi
Kaspersky: HEUR:Trojan-Spy.MSIL.Quasar.gen
APEX: Malicious
Trapmine: suspicious.low.ml.score
Endgame: malicious (high confidence)
ZoneAlarm: HEUR:Trojan-Spy.MSIL.Quasar.gen
Microsoft: Trojan:Win32/Wacatac.C!ml
Acronis: suspicious
Malwarebytes: Trojan.Crypt.MSIL
ESET-NOD32: a variant of MSIL/GenKryptik.EKWH
Ikarus: Trojan.Inject
eGambit: Unsafe.AI_Score_99%
Fortinet: MSIL/Crysan.EKQZ!tr.bdr
Paloalto: generic.ml
Qihoo-360: HEUR/QVM03.0.5765.Malware.Gen

How to remove MSIL/GenKryptik.EKWH?

MSIL/GenKryptik.EKWH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
