MSIL/Kryptik.ADRM removal tips

MSIL/Kryptik.ADRM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Kryptik.ADRM virus do?

  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to determine MSIL/Kryptik.ADRM?


File Info:

name: 98A70C3AF468344F43FF.mlw
path: /opt/CAPEv2/storage/binaries/8ba6f9c5088b8d80e0fface51143b20c82aae00bb8d7453747206497a8788e31
crc32: A444599A
md5: 98a70c3af468344f43ff825424b8b267
sha1: 6ff4c476b74d8aff2d318ea5d021a860fa1bdfc1
sha256: 8ba6f9c5088b8d80e0fface51143b20c82aae00bb8d7453747206497a8788e31
sha512: a2f698bc76ebadcc21a865947f770b59d284355168989930da82e90f3ee113e2a3b880f353b972093b7995f60b4238267c79f6a4b05a2d890693d90c6ac108f9
ssdeep: 24576:23xQQpBGMIzCOcD+c2zQy0ohYrpiTJbQ1sv+10Z0X4LhpfGG:exQQeMIzLi2zn7Y1iTtQav+10+uhpfGG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T188352354BDD3DC16D2BABA36E8EF453003BC7105A802D72A29BC72B85E1377629A151E
sha3_384: c69519c4e6bd2018c36cc4821af84a2cef65538eb3f29658e37c1fdb5c400ef469cda6b05fa5128af8d8a6088b1b3b54
ep_bytes: ff250020400000000000000000000000
timestamp: 2021-12-08 10:16:02

Version Info:

Translation: 0x0000 0x04b0
Comments: A powerful API library for World of Warcraft.
CompanyName: Aevitas Enterprises
FileDescription: BlackRain
FileVersion: 1.3.0.0
InternalName: ITransportHeade.exe
LegalCopyright: Copyright © Aevitas Enterprises 2010
LegalTrademarks:
OriginalFilename: ITransportHeade.exe
ProductName: BlackRain
ProductVersion: 1.3.0.0
Assembly Version: 1.3.0.0

MSIL/Kryptik.ADRM also known as:

Lionic: Trojan.Multi.Generic.4!c
MicroWorld-eScan: Trojan.GenericKD.38225048
FireEye: Generic.mg.98a70c3af468344f
ALYac: Trojan.GenericKD.38225048
Cylance: Unsafe
Sangfor: Infostealer.MSIL.Agensla.gen
Alibaba: TrojanPSW:MSIL/Agensla.7089b415
K7GW: Trojan ( 0058b93a1 )
BitDefenderTheta: Gen:NN.ZemsilF.34062.dr0@am7rSyp
Cyren: W32/MSIL_Agent.CMI.gen!Eldorado
Symantec: MSIL.Packed.19
ESET-NOD32: a variant of MSIL/Kryptik.ADRM
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Trojan-PSW.MSIL.Agensla.gen
BitDefender: Trojan.GenericKD.38225048
Avast: Win32:PWSX-gen [Trj]
Ad-Aware: Trojan.GenericKD.38225048
DrWeb: Trojan.Siggen16.1997
McAfee-GW-Edition: Artemis!Trojan
Emsisoft: Trojan.GenericKD.38225048 (B)
Ikarus: Trojan.Inject
GData: Win32.Trojan.OskiStealer.IE447W
Avira: TR/Kryptik.eifgu
MAX: malware (ai score=86)
Kingsoft: Win32.PSWTroj.Undef.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D2474498
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.C4826080
McAfee: Artemis!98A70C3AF468
Malwarebytes: Malware.AI.93142303
TrendMicro-HouseCall: TROJ_GEN.R002H0DL821
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/GenKryptik.FOOK!tr
AVG: Win32:PWSX-gen [Trj]
Panda: Trj/GdSda.A

How to remove MSIL/Kryptik.ADRM?

MSIL/Kryptik.ADRM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.