How to remove “MSIL/Kryptik.DYA”?

MSIL/Kryptik.DYA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Kryptik.DYA virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify MSIL/Kryptik.DYA?


File Info:

name: 45BD457E97475E8740A2.mlw
path: /opt/CAPEv2/storage/binaries/a5a7327057f53c0682fd89d8f59476fb906e3d4f40f4e819f0f6cf4c83830c3c
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2015-05-01 05:16:24

Version Info:

Translation: 0x0000 0x04b0
CompanyName: In Control Pty Ltd Australia
FileDescription: Global Configuration
FileVersion: 8.0.5598.15405
InternalName: GlobalConfiguration.exe
LegalCopyright: Copyright © 2015
OriginalFilename: GlobalConfiguration.exe
ProductName: Carps
ProductVersion: 8.0.5598.15405
Assembly Version: 8.0.5598.15405

MSIL/Kryptik.DYA also known as:

Lionic: Trojan.Win32.Generic.4!c
McAfee: Artemis!45BD457E9747
K7AntiVirus: Trojan ( 004d49931 )
Alibaba: Trojan:MSIL/Kryptik.a04a55ab
K7GW: Trojan ( 004d49931 )
ESET-NOD32: a variant of MSIL/Kryptik.DYA
APEX: Malicious
Cynet: Malicious (score: 99)
BitDefender: Trojan.GenericKD.49026060
MicroWorld-eScan: Trojan.GenericKD.49026060
Avast: Win32:Trojan-gen
Ad-Aware: Trojan.GenericKD.49026060
Emsisoft: Trojan.GenericKD.49026060 (B)
McAfee-GW-Edition: Artemis
FireEye: Trojan.GenericKD.49026060
Sophos: Mal/Generic-S
Ikarus: Trojan.MSIL.Crypt
GData: Trojan.GenericKD.49026060
Avira: TR/Kryptik.umzca
MAX: malware (ai score=86)
Arcabit: Trojan.Generic.D2EC140C
Microsoft: Trojan:Win32/Wacatac.B!ml
ALYac: Trojan.GenericKD.49026060
Cylance: Unsafe
TrendMicro-HouseCall: TROJ_GEN.R002H0CEK22
MaxSecure: Trojan.Malware.183258415.susgen
Fortinet: MSIL/Kryptik.DYA!tr
AVG: Win32:Trojan-gen

How to remove MSIL/Kryptik.DYA?

MSIL/Kryptik.DYA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
