Should I remove “MSIL/Kryptik.AJOK”?

The MSIL/Kryptik.AJOK is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Kryptik.AJOK virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid

How to determine MSIL/Kryptik.AJOK?


File Info:
name: 6EF407E2CCC10CCE0F87.mlw
path: /opt/CAPEv2/storage/binaries/5d2bfa84cb53ea278d0643ff18ad159dc7759fc0e5362a44887e3ff77acf5dba
crc32: 5FD9EAF2
md5: 6ef407e2ccc10cce0f87ae040f4b1580
sha1: 69aa8991da41af7186288f0630a51867667c269f
sha256: 5d2bfa84cb53ea278d0643ff18ad159dc7759fc0e5362a44887e3ff77acf5dba
sha512: aec9cb3b433623080073118140da638fc04f6b6ebeae672c3856c58c10b05f33ce02ed484e1e5ecd97cf57b03cc9d3ea2a06a7cab8173192de6a8ac445f3a01e
ssdeep: 12288:C7en3jDKRDEeCnp2/WX3y7OQtOcxj6ZKP:TEDYp2/aNQEA
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A0F46B70E79A6598C8374739083794B32373AE6A6960C70D14DD3E2CBEBB3530672A57
sha3_384: 11e6fbeea575b4e91b89fb3f08cb944f227c564d9b32c00d201935d942a4ab004caf02925e0c4f88b43f41078d1624b5
ep_bytes: ff250020400000000000000000000000
timestamp: 1984-01-01 19:21:10

Version Info:
Translation: 0x0000 0x04b0
Comments: 4E8A5IAFBBCD5HC
CompanyName: 9I8;
FileDescription: HB9G727B29;3@F3FIGGGA
FileVersion: 5.8.10.13
InternalName: edtfr.exe
LegalCopyright: Copyright © 2005 9I8;
OriginalFilename: edtfr.exe
ProductName: HB9G727B29;3@F3FIGGGA
ProductVersion: 5.8.10.13
Assembly Version: 1.0.0.0

MSIL/Kryptik.AJOK also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Kryptik.176
FireEye	Generic.mg.6ef407e2ccc10cce
Malwarebytes	Malware.AI.4256118429
Cyren	W32/MSIL_Kryptik.DSR.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Kryptik.AJOK
APEX	Malicious
Kaspersky	HEUR:Trojan.MSIL.Inject.gen
BitDefender	Gen:Variant.Kryptik.176
Avast	Win32:PWSX-gen [Trj]
Emsisoft	Gen:Variant.Kryptik.176 (B)
DrWeb	Trojan.PackedNET.2321
VIPRE	Gen:Variant.Kryptik.176
Trapmine	suspicious.low.ml.score
Sophos	Mal/Generic-S
SentinelOne	Static AI – Suspicious PE
GData	Gen:Variant.Kryptik.176
Google	Detected
Arcabit	Trojan.Kryptik.176
ZoneAlarm	HEUR:Trojan.MSIL.Inject.gen
Microsoft	Ransom:Win32/GarrantDecrypt.PA!MTB
Cynet	Malicious (score: 100)
BitDefenderTheta	Gen:NN.ZemsilF.36662.Sm0@aanj5Bb
ALYac	Gen:Variant.Kryptik.176
MAX	malware (ai score=83)
Cylance	unsafe
Panda	Trj/Genetic.gen
Rising	Malware.Obfus/MSIL@AI.100 (RDM.MSIL2:onuMqRm6JivxONyy6CBShg)
AVG	Win32:PWSX-gen [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (D)

How to remove MSIL/Kryptik.AJOK?

MSIL/Kryptik.AJOK removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X