What is “MSIL/GenKryptik.FWSH”?

MSIL/GenKryptik.FWSH is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/GenKryptik.FWSH virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid

How to identify MSIL/GenKryptik.FWSH?


File Info:

name: E5BF804C8A6D1458FF10.mlw
path: /opt/CAPEv2/storage/binaries/85a44c12223f277bb7b5565296514cb9e953d2d953e21ba49e8a457a1d5aaaa9
crc32: C5AD7FEC
md5: e5bf804c8a6d1458ff10f3ee35db8821
sha1: 83f09ca426104a568b676bfc79cd627231b3ccd4
sha256: 85a44c12223f277bb7b5565296514cb9e953d2d953e21ba49e8a457a1d5aaaa9
sha512: b0512bd357a591d96f30ebc9a5d08263cb51afaabca37a6f147db3d970e9543f4ae5c5740cb0bb2e27c93a316f3b801851daf239c4ad3974a2882581074eb7cc
ssdeep: 12288:wxjFNBnSvQbaHADMDSWMJMhRyr3dbhzebRqWE2PxzzUUsueherPXTtxL0s+Y/NL8:weH+iSWMAyrkRqaPUdlQvZCs+Y/NL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T192357E05B6EECF51D2090F37C0DE640047AA9A539667FF0B368113A95D93BEE4C8A6C7
sha3_384: 36495e42b1eae7817c2297d4b69b9e81d0b138e769d800b3b43c36c71c31f9b49c9b95842b77ec2f63d032c9af739a55
ep_bytes: ff250020400000000000000000000000
timestamp: 2022-06-29 02:12:28

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName:
FileDescription: WPFPreviewHostSpike
FileVersion: 1.0.0.0
InternalName: ApplicationSt.exe
LegalCopyright: Copyright © 2012
LegalTrademarks:
OriginalFilename: ApplicationSt.exe
ProductName: WPFPreviewHostSpike
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/GenKryptik.FWSH also known as:

Bkav: W32.AIDetectNet.01
tehtris: Generic.Malware
FireEye: Generic.mg.e5bf804c8a6d1458
Cyren: W32/MSIL_Kryptik.HOV.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/GenKryptik.FWSH
APEX: Malicious
Paloalto: generic.ml
Kaspersky: UDS:Backdoor.MSIL.Androm.gen
Avast: FileRepMalware [Misc]
McAfee-GW-Edition: BehavesLike.Win32.Fareit.th
Sophos: Mal/Generic-S
SentinelOne: Static AI – Suspicious PE
GData: Win32.Trojan-Stealer.LokiBot.025PPJ
Avira: HEUR/AGEN.1235806
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
McAfee: Artemis!E5BF804C8A6D
Rising: Backdoor.Androm!8.113 (TFE:dGZlOg03sl0SOlqSQA)
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: Gen:NN.ZemsilF.34742.bn0@amVn8hg
AVG: FileRepMalware [Misc]
CrowdStrike: win/malicious_confidence_90% (W)

How to remove MSIL/GenKryptik.FWSH?

MSIL/GenKryptik.FWSH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
