What is “MSIL/Kryptik.AAHR”?

MSIL/Kryptik.AAHR is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Kryptik.AAHR virus do?

  • Anomalous binary characteristics

How to identify MSIL/Kryptik.AAHR?


File Info:

crc32: 00E60BFA
md5: 870612f64ae920f7b24b4b591d2e4ec4
name: 870612F64AE920F7B24B4B591D2E4EC4.mlw
sha1: 4a95cc0c9708633abb119eee89709624dea3ea6f
sha256: 3ca3339a0a9fd56bf5006962c7a0b02e6b20b2c9536a159403e2c72897f2de0d
sha512: ba54a3d887bf26d6fa3c52929689b6a145c4a09ebc2d84140dd70988fc36c05e21ee30afb43ac081d8ec74683f2d996f1112bebef179752c715bf71592bde5c4
ssdeep: 12288:mUbrR1mxfhYz7brfWNM+h3TYs5xNcuYzTkrQyv2QpIV1Fn6OAVo1Tb3IJdpmQsZ:TR1mxfhYz7brfWNM+h3TYs5HcuYzTkr
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2018 <;;5GBI56D:3JH88CF@9D54@
Assembly Version: 1.0.0.0
InternalName: PO#29710634.exe
FileVersion: 9.14.18.23
CompanyName: <;;5GBI56D:3JH88CF@9D54@
Comments: A?:HF@;:G5BD?JH>@?
ProductName: D2CCAA8B3BD4I;6C7<6C4
ProductVersion: 9.14.18.23
FileDescription: D2CCAA8B3BD4I;6C7<6C4
OriginalFilename: PO#29710634.exe

MSIL/Kryptik.AAHR also known as:

K7AntiVirus: Riskware ( 0040eff71 )
Elastic: malicious (high confidence)
DrWeb: BackDoor.SpyBotNET.25
Cynet: Malicious (score: 100)
ALYac: Trojan.GenericKD.36643614
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (W)
K7GW: Riskware ( 0040eff71 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.AAHR
APEX: Malicious
Avast: Win32:RATX-gen [Trj]
Kaspersky: HEUR:Backdoor.MSIL.NanoBot.gen
BitDefender: Trojan.GenericKD.36643614
MicroWorld-eScan: Trojan.GenericKD.36643614
Ad-Aware: Trojan.GenericKD.36643614
Sophos: Mal/Generic-S
Comodo: TrojWare.Script.UMal.muyvr@0
BitDefenderTheta: Gen:NN.ZemsilF.34670.Km0@auyHqag
McAfee-GW-Edition: BehavesLike.Win32.Generic.hh
FireEye: Generic.mg.870612f64ae920f7
Emsisoft: Trojan.GenericKD.36643614 (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Kryptik.mdtoc
Kingsoft: Win32.Hack.Undef.(kcloud)
Microsoft: Trojan:Win32/Woreflint.A!cl
Arcabit: Trojan.Generic.D22F231E
AegisLab: Trojan.MSIL.NanoBot.m!c
ZoneAlarm: HEUR:Backdoor.MSIL.NanoBot.gen
GData: Trojan.GenericKD.36643614
AhnLab-V3: Trojan/Win.Generic.C4406763
McAfee: Artemis!870612F64AE9
MAX: malware (ai score=84)
Malwarebytes: Trojan.MZCrypt.MSIL.Generic
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: Backdoor.MSIL.NANOCORE.USMAND621
Rising: Backdoor.NanoBot!8.28C (CLOUD)
Ikarus: Trojan.MSIL.Injector
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/CoinMiner.ZXL!tr
AVG: Win32:RATX-gen [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Heur.Generic.HwMAZ3QA

How to remove MSIL/Kryptik.AAHR?

MSIL/Kryptik.AAHR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.