MSIL/Kryptik.ADRQ removal guide

The MSIL/Kryptik.ADRQ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Kryptik.ADRQ virus can do?

The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
Anomalous .NET characteristics
Binary compilation timestomping detected

How to determine MSIL/Kryptik.ADRQ?


File Info:
name: FFB4D30088A98FE41FEE.mlw
path: /opt/CAPEv2/storage/binaries/b20ff2d671025d4bdb33514bf2ff3cc32382ee6aeccf4b1d9c4a120bc4a73c3a
crc32: 3BDBE470
md5: ffb4d30088a98fe41feef5a6be841987
sha1: 7abd7802bd7ad1efc34ec32ca4b159aeea752b04
sha256: b20ff2d671025d4bdb33514bf2ff3cc32382ee6aeccf4b1d9c4a120bc4a73c3a
sha512: 3c56290208343cc7d318e4c87bb66202897f309c1516219da272f2ac1cc71a840ac88b6ef4a7392d5e0056642fa173b78fcf193d410967336ee68e133b7ead45
ssdeep: 24576:qIKjy/SYCpTQEtX5UL9idTdMle65ugTCLaDasWibIUUmY8G5+EWbGG:4jASbH5UZidoe4PCe1WsRnnbGG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1D45522291DF5916BD62D97F182D3C0708BB9F0132E52F3FA5DC101EE763898A9943A63
sha3_384: 03561f515afb115f70115b658562fbf69f4fd772ff7bb0e4c26996a14fec5e2fda65233cb8a5446e52d6b3a0e8de5696
ep_bytes: ff250020400000000000000000000000
timestamp: 2038-12-04 23:17:43

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: SpecialNameAttribu.exe
LegalCopyright:  
OriginalFilename: SpecialNameAttribu.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/Kryptik.ADRQ also known as:

Lionic	Trojan.MSIL.Hesv.4!c
Elastic	malicious (high confidence)
Cynet	Malicious (score: 100)
CAT-QuickHeal	TrojanSpy.MSIL
ALYac	Trojan.GenericKD.47610244
Malwarebytes	Trojan.Crypt.MSIL
CrowdStrike	win/malicious_confidence_100% (W)
BitDefender	Trojan.GenericKD.47610244
K7GW	Trojan ( 0058ba061 )
K7AntiVirus	Trojan ( 0058ba061 )
Symantec	MSIL.Packed.19
ESET-NOD32	a variant of MSIL/Kryptik.ADRQ
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Trojan-Spy.MSIL.Stealer.gen
Alibaba	TrojanSpy:MSIL/AgentTesla.b4f40af2
MicroWorld-eScan	Trojan.GenericKD.47610244
Avast	Win32:MalwareX-gen [Trj]
Ad-Aware	Trojan.GenericKD.47610244
Sophos	Mal/Generic-S
Comodo	TrojWare.Win32.Agent.buqkb@0
DrWeb	Trojan.Siggen16.2685
TrendMicro	TROJ_FRS.0NA103LA21
McAfee-GW-Edition	PWS-FCZF!FFB4D30088A9
FireEye	Generic.mg.ffb4d30088a98fe4
Emsisoft	Trojan.GenericKD.47610244 (B)
Ikarus	Trojan.MSIL.Inject
GData	Trojan.GenericKD.47610244
Avira	TR/Kryptik.klraf
MAX	malware (ai score=99)
Kingsoft	Win32.Troj.Generic_a.a.(kcloud)
Gridinsoft	Ransom.Win32.Sabsik.sa
Arcabit	Trojan.Generic.D2D67984
Microsoft	Trojan:MSIL/AgentTesla.DRQ!MTB
AhnLab-V3	Trojan/Win.Generic.C4830409
McAfee	PWS-FCUF!FFB4D30088A9
VBA32	TScope.Trojan.MSIL
Cylance	Unsafe
TrendMicro-HouseCall	TROJ_FRS.0NA103LA21
SentinelOne	Static AI – Suspicious PE
Fortinet	MSIL/GenKryptik.FOPG!tr
AVG	Win32:MalwareX-gen [Trj]
Panda	Trj/GdSda.A
MaxSecure	Trojan.Malware.300983.susgen

How to remove MSIL/Kryptik.ADRQ?

MSIL/Kryptik.ADRQ removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X