
About “MSIL/Kryptik.CRU” infection


MSIL/Kryptik.CRU is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Kryptik.CRU virus do?

  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • .NET file is packed/obfuscated with SmartAssembly
  • Authenticode signature is invalid

How to identify MSIL/Kryptik.CRU?


File Info:

name: 469729D36108C58FA570.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2014-04-23 18:25:15

Version Info:

Translation: 0x0000 0x04b0
Comments: /R)T=TMre`WrYN
CompanyName: 5K6M7MGod9OpQH
FileDescription: 5K6M7MGod9OpQH
FileVersion: 4.1.5.0
InternalName: t.exe
LegalCopyright: 5K6M7MGod9OpQH
LegalTrademarks: /R)T=TMre`WrYN
OriginalFilename: t.exe
ProductName: /R)T=TMre`WrYN
ProductVersion: 4.1.5.0
Assembly Version: 4.2.4.5

MSIL/Kryptik.CRU is also known as:

Bkav: W32.AIDetectNet.01
Lionic: Trojan.Win32.Generic.4!c
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Barys.26045
FireEye: Generic.mg.469729d36108c58f
ALYac: Gen:Variant.Barys.26045
Cylance: Unsafe
VIPRE: Gen:Variant.Barys.26045
Sangfor: Suspicious.Win32.Save.a
Alibaba: Trojan:MSIL/Kryptik.f99d0bc5
Cybereason: malicious.36108c
Symantec: Trojan.Gen
Elastic: malicious (high confidence)
ESET-NOD32: a variant of MSIL/Kryptik.CRU
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan.MSIL.Crypt.gen
BitDefender: Gen:Variant.Barys.26045
NANO-Antivirus: Trojan.Win32.Barys.dchsiu
Avast: Win32:Malware-gen
Tencent: Msil.Trojan.Crypt.Wdkl
Ad-Aware: Gen:Variant.Barys.26045
Emsisoft: Gen:Variant.Barys.26045 (B)
Comodo: Malware@#obz5d4n22rps
F-Secure: Trojan.TR/Dropper.MSIL.Gen8
DrWeb: Trojan.DownLoader10.63222
Zillya: Dropper.FrauDrop.Win32.21269
McAfee-GW-Edition: Trojan-FDWX!469729D36108
Trapmine: malicious.high.ml.score
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
GData: Gen:Variant.Barys.26045
Jiangmin: Trojan.Generic.uauw
Webroot: W32.Trojan.Comame
Avira: TR/Dropper.MSIL.Gen8
Antiy-AVL: Trojan/Generic.ASMalwS.21C
Kingsoft: Win32.Troj.FrauDrop.(kcloud)
Arcabit: Trojan.Barys.D65BD
Microsoft: Backdoor:Win32/Bladabindi!ml
Google: Detected
Acronis: suspicious
McAfee: Trojan-FDWX!469729D36108
MAX: malware (ai score=100)
Malwarebytes: MachineLearning/Anomalous.100%
Rising: Trojan.Generic/MSIL@AI.96 (RDM.MSIL:cFIIGSdALaK5XGBLZzXVgA)
Ikarus: Trojan.MSIL.Injector
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Dropper.PM!tr
BitDefenderTheta: Gen:NN.ZemsilF.34646.im0@amp!vNi
AVG: Win32:Malware-gen
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove MSIL/Kryptik.CRU?

MSIL/Kryptik.CRU removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
