MSIL/Kryptik.REZ (file analysis)

MSIL/Kryptik.REZ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the MSIL/Kryptik.REZ virus do?

  • Network activity detected but not expressed in API logs

How to identify MSIL/Kryptik.REZ?


File Info:

crc32: 9DA3E383
md5: 5a6e0f6e28a3b9af81d713cbe9693380
name: wapp.exe
sha1: e71e7f267fed69ae3e5833ca6a1e156d1e2a3cd6
sha256: 579c3680ac881dbf6ff9612bc979df733bd082e4adae43193e8ef980a6e1330a
sha512: a2667630fd9d9bc6ded4fe27d4bb946f881565acc0673c2d0be1a53df5d5c6052a675261b13248d2b9e279ea42a24a74a1843371e19213d17f5b7e21858def6e
ssdeep: 3072:wA0liQfvp8Zl7A2gXUFrVKxcPMw/LEIbbKL7sSWhsW2qQyi2Es:wA0liQaZJ+UFcxKJ/gEM8KW2qQyi2
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: x5dcx432x6770x30b7x5fb7x8349x92ax4e3dx5c41x513fx543ex30e7x5e4x30adx415x30adx8feax30e7x30e7x8d3cx8bf6
Assembly Version: 6.2.8.0
InternalName: WindowsApp1.exe
FileVersion: 6.2.8.0
CompanyName: x44ax5e9x5e1x91ax5c41x30bfx434x435x6bd4x513fx897fx442x5e4x6770x930x3087x430x5e9
LegalTrademarks:
Comments: x442x5c3ax30b3x5d4x3053x30f3x30e7x5c3ax30adx3087x905x30a6x91d1x6770x435x5c3ax431x30bfx415x8bf6x5c41
ProductName: x432x5c3ax92ax435x6bd4x3087x3087x30c8x438x3057x5c41x415x5e6x5dcx5dcx6bd4x6770x902x30bfx3070x3087x5e6x30e7x436
ProductVersion: 6.2.8.0
FileDescription: x8feax5d8x5c41x3087x8d3cx30e7x79c1x5d8x5a1cx30bfx513fx30b7x30adx92ex513fx8349x827ex92ax92ax304ex897fx30d0x30e7
OriginalFilename: WindowsApp1.exe

MSIL/Kryptik.REZ also known as:

MicroWorld-eScan: Trojan.GenericKD.42297961
FireEye: Generic.mg.5a6e0f6e28a3b9af
CAT-QuickHeal: Trojan.Multi
ALYac: Trojan.GenericKD.42297961
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Malware
K7AntiVirus: Trojan ( 0054ab2f1 )
BitDefender: Trojan.GenericKD.42297961
K7GW: Trojan ( 0054ab2f1 )
Cybereason: malicious.67fed6
TrendMicro: TROJ_GEN.R002C0WAS20
BitDefenderTheta: Gen:NN.ZemsilF.34084.tm0@a8WsEjb
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Kryptik.REZ
TrendMicro-HouseCall: TROJ_GEN.R002C0WAS20
Paloalto: generic.ml
GData: Trojan.GenericKD.42297961
Kaspersky: HEUR:Backdoor.MSIL.Bladabindi.gen
Alibaba: Trojan:MSIL/Kryptik.2944fc6f
NANO-Antivirus: Trojan.Win32.Kryptik.gxipnk
AegisLab: Trojan.Multi.Generic.4!c
Rising: Trojan.Kryptik!8.8 (CLOUD)
Ad-Aware: Trojan.GenericKD.42297961
Sophos: Mal/Generic-S
Comodo: Malware@#23bejt0b2d205
F-Secure: Heuristic.HEUR/AGEN.1027155
DrWeb: BackDoor.Bladabindi.3459
Zillya: Trojan.Kryptik.Win32.1928806
McAfee-GW-Edition: RDN/Generic BackDoor
SentinelOne: DFI – Malicious PE
Emsisoft: Trojan.GenericKD.42297961 (B)
APEX: Malicious
Cyren: W32/Trojan.DVQY-5371
Jiangmin: Backdoor.MSIL.clkf
MaxSecure: Trojan.Malware.73686729.susgen
Avira: HEUR/AGEN.1027155
Endgame: malicious (high confidence)
Arcabit: Trojan.Generic.D2856A69
ZoneAlarm: HEUR:Backdoor.MSIL.Bladabindi.gen
Microsoft: Backdoor:MSIL/Bladabindi.B
McAfee: RDN/Generic BackDoor
MAX: malware (ai score=88)
VBA32: TScope.Trojan.MSIL
Panda: Trj/GdSda.A
Tencent: Msil.Backdoor.Bladabindi.Swve
Ikarus: Trojan.MSIL.MultiPacked
Fortinet: MSIL/Kryptik.REZ!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_90% (W)
Qihoo-360: Generic/Backdoor.633

How to remove MSIL/Kryptik.REZ?

MSIL/Kryptik.REZ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
