MSIL/GenKryptik.FUSF removal tips

The MSIL/GenKryptik.FUSF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/GenKryptik.FUSF virus can do?

Presents an Authenticode digital signature
Dynamic (imported) function loading detected
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine MSIL/GenKryptik.FUSF?


File Info:
name: 89068E1F86ACF8B00331.mlw
path: /opt/CAPEv2/storage/binaries/ab2ba4b42e8c4d092bd8388771f068621215b7b5715705d60014cb372fc782f6
crc32: C1AE1296
md5: 89068e1f86acf8b00331e3d57c8b904a
sha1: 01c596aaed080578e41886ae0e6690cee30392d8
sha256: ab2ba4b42e8c4d092bd8388771f068621215b7b5715705d60014cb372fc782f6
sha512: 7bbc2e8e6c45362e1b194f1a3aeb46582d84b131fa82317addfee3ebf173c1b7a6b8e4f3d9fd8ff518035e7a5cbd93965c25b2dc7eadd984936a72c7446db891
ssdeep: 12288:AbK4B7XkRPPg+IPU+JiFVwJ8bBrg9kc4zIIl5sQS1mRagvdzUp7NmIO5rrysX754:Aivw0dgf48IegV6+XW
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AD95F3152AEF548D73A27DA60FD8F67F485BF9B3590E70F421911B824332C418BA1B7A
sha3_384: 4f559511469a7fbd99fef11cd9f46bd5bb774b06dfa02aedbaef25ba478554e6779e58affde52a7bf17b0c805c5abfbc
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-06-09 10:14:31

Version Info:
Translation: 0x0000 0x04b0
Comments: qQWRNORnSvU
CompanyName: KxknVNXoRsMobS
FileDescription: KxknVNXoRsMobS
FileVersion: 0.0.0.0
InternalName: 5108852566.exe
LegalCopyright: KxknVNXoRsMobSCXB
LegalTrademarks: xTKuNSMPMDOWuKcs
OriginalFilename: 5108852566.exe
ProductName: KxknVNXoRsMobS
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/GenKryptik.FUSF also known as:

Bkav	W32.AIDetectNet.01
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Trojan.Mardom.PN.14
ALYac	Gen:Trojan.Mardom.PN.14
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.aed080
ESET-NOD32	a variant of MSIL/GenKryptik.FUSF
APEX	Malicious
Kaspersky	HEUR:Trojan.MSIL.Matanbuchus.gen
BitDefender	Gen:Trojan.Mardom.PN.14
Avast	FileRepMalware [Misc]
Ad-Aware	Gen:Trojan.Mardom.PN.14
Emsisoft	Gen:Trojan.Mardom.PN.14 (B)
Comodo	TrojWare.MSIL.Agent.GH@60rvah
FireEye	Generic.mg.89068e1f86acf8b0
Sophos	ML/PE-A
SentinelOne	Static AI – Malicious PE
GData	Gen:Trojan.Mardom.PN.14
Avira	TR/Dropper.Gen2
MAX	malware (ai score=83)
Arcabit	Trojan.Mardom.PN.14
Microsoft	Trojan:Win32/Woreflint.A!cl
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.Mardom.C5134461
Acronis	suspicious
Malwarebytes	Backdoor.Bladabindi
Ikarus	Trojan-Dropper.MSIL.Agent
MaxSecure	Trojan.Malware.300983.susgen
BitDefenderTheta	Gen:NN.ZemsilF.34712.8n2@a4qMnUg
AVG	FileRepMalware [Misc]
CrowdStrike	win/malicious_confidence_100% (W)

How to remove MSIL/GenKryptik.FUSF?

MSIL/GenKryptik.FUSF removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X