MSIL/Kryptik.ODA malicious file

Malware Removal

The MSIL/Kryptik.ODA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What MSIL/Kryptik.ODA virus can do?

  • The binary likely contains encrypted or compressed data.
  • Network activity detected but not expressed in API logs

How to determine MSIL/Kryptik.ODA?


File Info:

crc32: 64DB42D2
md5: 2b9addbbb56762bc9a1427ba080d9d1c
name: 2B9ADDBBB56762BC9A1427BA080D9D1C.mlw
sha1: e647b8c9358d2cd1d8d740a4cdd8bde61a31202b
sha256: 849fa00cdc954c0bcba8250dd711190af79bfab9f2c6dcb72ad19b629da0eb9b
sha512: e6270fb302755b2eaa189cc410c1354a72898e919549b90ebf2d2dfc3c05c8faed916141dc5714d2ea6e3b2604a09de315c7b0ec4d796d24db8827afa9c156ad
ssdeep: 24576:aqDxBfu45HkENq4VvIS1LajE4CBczfEcOs1Ys4FKyYLQo1BHW2S/aScnG3Q6En9:aqBAENq4VvIS1LajE4CBczfEcOs1Ys4
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9 2019-2021
Assembly Version: 2.0.0.0
InternalName: UnmanagedMarshal.exe
FileVersion: 2.0.0.0
CompanyName: Kariangwe High School
LegalTrademarks:
Comments: Management System
ProductName: School Management School
ProductVersion: 2.0.0.0
FileDescription: School Management School
OriginalFilename: UnmanagedMarshal.exe

MSIL/Kryptik.ODA also known as:

Elasticmalicious (high confidence)
MicroWorld-eScanTrojan.GenericKD.36378907
FireEyeTrojan.GenericKD.36378907
McAfeeGenericRXNR-WT!2B9ADDBBB567
CylanceUnsafe
SangforTrojan.Win32.Save.a
BitDefenderTrojan.GenericKD.36378907
CyrenW32/MSIL_Kryptik.DFV.gen!Eldorado
SymantecML.Attribute.HighConfidence
APEXMalicious
AvastWin32:PWSX-gen [Trj]
KasperskyHEUR:Trojan-PSW.MSIL.Stelega.gen
AlibabaTrojanPSW:Win32/Stelega.5132b5fc
ViRobotTrojan.Win32.Z.Wacatac.1276416.A
Ad-AwareTrojan.GenericKD.36378907
ComodoMalware@#ej4nvn3jrl0a
F-SecureTrojan.TR/AD.XetimaLogger.zwtra
TrendMicroTROJ_FRS.0NA104BM21
McAfee-GW-EditionArtemis!Trojan
EmsisoftTrojan.GenericKD.36378907 (B)
IkarusTrojan-Spy.Win32.SnakeKeyLogger
WebrootW32.Trojan.Gen
AviraTR/AD.XetimaLogger.zwtra
KingsoftWin32.PSWTroj.Undef.(kcloud)
MicrosoftTrojan:Win32/AgentTesla!ml
ArcabitTrojan.Generic.D22B191B
ZoneAlarmHEUR:Trojan-PSW.MSIL.Stelega.gen
GDataTrojan.GenericKD.36378907
CynetMalicious (score: 100)
AhnLab-V3Malware/Win32.RL_Generic.C4344017
ALYacTrojan.GenericKD.36378907
MAXmalware (ai score=80)
MalwarebytesMachineLearning/Anomalous.97%
PandaTrj/GdSda.A
ESET-NOD32a variant of MSIL/Kryptik.ODA
TrendMicro-HouseCallTROJ_FRS.0NA104BM21
SentinelOneStatic AI – Suspicious PE
FortinetMSIL/Kryptik.ZPC!tr
AVGWin32:PWSX-gen [Trj]
Paloaltogeneric.ml
Qihoo-360Trojan.Generic

How to remove MSIL/Kryptik.ODA?

MSIL/Kryptik.ODA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment