
MSIL/Kryptik.OTB (file analysis)


MSIL/Kryptik.OTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Kryptik.OTB virus do?

  • Executable code extraction
  • Creates RWX memory
  • Starts servers listening on 127.0.0.1:0
  • The binary likely contains encrypted or compressed data.

How to identify MSIL/Kryptik.OTB?


File Info:

crc32: 7D36ECA9
md5: 281e2a588e06a9f9a2515c6304ae6ce0
name: 281E2A588E06A9F9A2515C6304AE6CE0.mlw
sha1: 26419e31b88af698c554e469d9f4107c7981c8ea
sha256: 2fefb2f4b8d6ae351c8940638ff0ce00aea9c26204eb2f93d6a40b0bcd4dda76
sha512: 7b8cb75b25e6a3661e5315bb07d72470bb17dba919bd6954e94c92ec8772842ae873608315fd4ff3579e595c505539815f89d4ae41fc1435eec913ad70e14760
ssdeep: 24576:xysqhtVDWYolXGdBjk6OVOGdsXbr57AOi:0sqpWYoBEjkTVOgGrd
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

LegalCopyright: Mozilla Corporation
FileVersion: 53.0.2
CompanyName: Mozilla Corporation
LegalTrademarks: Firefox is a Trademark of The Mozilla Foundation.
ProductName: Firefox
ProductVersion: 53.0.2
FileDescription: Firefox Helper
OriginalFilename: helper.exe
Translation: 0x0409 0x04b0

MSIL/Kryptik.OTB is also known as:

K7AntiVirus: Trojan ( 700000121 )
Elastic: malicious (high confidence)
DrWeb: BackDoor.Wirenet.328
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.MSILPerseus.100134
Cylance: Unsafe
Zillya: Trojan.Blocker.Win32.38392
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Blocker.a8a258fe
K7GW: Trojan ( 700000121 )
Cybereason: malicious.88e06a
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.OTB
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: Trojan-Ransom.Win32.Blocker.kbam
BitDefender: Gen:Variant.MSILPerseus.100134
NANO-Antivirus: Trojan.Win32.Blocker.eqlghx
MicroWorld-eScan: Gen:Variant.MSILPerseus.100134
Tencent: Malware.Win32.Gencirc.10bb39d2
Ad-Aware: Gen:Variant.MSILPerseus.100134
Sophos: Mal/Generic-S
Comodo: Malware@#3v11oilisvr2c
BitDefenderTheta: Gen:NN.ZemsilF.34670.8m0@auox2Rl
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: GenericRXBQ-OO!281E2A588E06
FireEye: Generic.mg.281e2a588e06a9f9
Emsisoft: Gen:Variant.MSILPerseus.100134 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Inject.zly
Avira: TR/Crypt.XPACK.Gen7
Microsoft: Trojan:Win32/Ymacco.AA2F
Arcabit: Trojan.MSILPerseus.D18726
AegisLab: Trojan.Win32.Blocker.j!c
GData: Gen:Variant.MSILPerseus.100134
AhnLab-V3: Trojan/Win32.Blocker.C2423623
McAfee: GenericRXBQ-OO!281E2A588E06
MAX: malware (ai score=81)
Malwarebytes: Malware.AI.2615956715
Panda: Trj/GdSda.A
Rising: Ransom.Blocker!8.12A (CLOUD)
Yandex: Trojan.Blocker!n5YrI7rqOJQ
Ikarus: Trojan.MSIL.Krypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/Generic.AP.8AE31E!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Blocker.HwMA1U8A

How to remove MSIL/Kryptik.OTB?

MSIL/Kryptik.OTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
