Categories: Malware

How to remove “MSIL/Kryptik.WAD”?

The MSIL/Kryptik.WAD is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What MSIL/Kryptik.WAD virus can do?

The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs

How to determine MSIL/Kryptik.WAD?


File Info:
crc32: 64F125C9md5: 5968e48d455d9022ba9603abb1e7ec65name: ron.exesha1: 07589dcd965557b16b85b74ba8a6ee2ae0e32392sha256: af252182c0fb55296965f32665b5a8c3e4da0863f9b569ca4b88a781adece54bsha512: 1a1fcee558fb26f24749471124a98a3d504b35c5372b050126a55a7ff89b5513dfe8cc15d3366ee4971c7a6419608e50aff495fe27d0d074b82f943b7e59c2c3ssdeep: 6144:fem9jNmzrG/QCDhumrBEAlqN+h81PC4Ryu/em6X4DUwiRv9Tkvw:H0fYXDNN9l+281TyCL6XGKktype: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Version Info:
Translation: 0x0000 0x04b0LegalCopyright: arche noVa 2020 (C)Assembly Version: 2020.0.8.1InternalName: BCqNygiNrDfSKx.exeFileVersion: 2020.0.8.1CompanyName: arche noVaLegalTrademarks: arche noVaComments: arche noVa is a non-profit- and non-governmental organisation working primarily on the field of humanitarian aid, development cooperation and education.ProductName: MidtermFirstBuildProductVersion: 2020.0.8.1FileDescription: MidtermFirstBuildOriginalFilename: BCqNygiNrDfSKx.exe

MSIL/Kryptik.WAD also known as:

MicroWorld-eScan	Gen:Variant.MSILPerseus.224337
CAT-QuickHeal	Backdoor.MSIL
Qihoo-360	Generic/Backdoor.23a
ALYac	Gen:Variant.MSILPerseus.224337
Malwarebytes	Trojan.PCrypt.MSIL.Generic
VIPRE	Trojan.Win32.Generic!BT
AegisLab	Trojan.MSIL.Remcos.m!c
Sangfor	Malware
K7AntiVirus	Trojan ( 005673621 )
BitDefender	Gen:Variant.MSILPerseus.224337
K7GW	Trojan ( 005673621 )
Arcabit	Trojan.MSILPerseus.D36C51
TrendMicro	TROJ_GEN.R002C0DER20
F-Prot	W32/MSIL_Kryptik.ASY.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of MSIL/Kryptik.WAD
APEX	Malicious
Paloalto	generic.ml
Kaspersky	HEUR:Backdoor.MSIL.Remcos.gen
Alibaba	Trojan:Win32/Kryptik.ali2000016
Rising	Backdoor.Remcos!8.B89E (CLOUD)
Ad-Aware	Gen:Variant.MSILPerseus.224337
Emsisoft	Gen:Variant.MSILPerseus.224337 (B)
F-Secure	Trojan.TR/AD.Bladabindi.njykg
DrWeb	Trojan.KillProc2.10580
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.gc
Fortinet	MSIL/Agent.9D7E!tr
FireEye	Generic.mg.5968e48d455d9022
Sophos	Mal/Generic-S
Ikarus	Trojan.MSIL.Krypt
Cyren	W32/MSIL_Kryptik.ASY.gen!Eldorado
Jiangmin	Backdoor.MSIL.cytj
Webroot	W32.Trojan.Gen
Avira	TR/AD.Bladabindi.njykg
MAX	malware (ai score=100)
Endgame	malicious (high confidence)
Microsoft	TrojanSpy:MSIL/AgentTesla.SM!MTB
ZoneAlarm	HEUR:Backdoor.MSIL.Remcos.gen
AhnLab-V3	Malware/Win32.RL_Generic.C4106668
McAfee	Trojan-FSJJ!5968E48D455D
VBA32	TScope.Trojan.MSIL
Cylance	Unsafe
Panda	Trj/GdSda.A
TrendMicro-HouseCall	TROJ_GEN.R002C0DER20
Tencent	Win32.Trojan.Inject.Auto
SentinelOne	DFI – Malicious PE
GData	Gen:Variant.MSILPerseus.224337
BitDefenderTheta	Gen:NN.ZemsilF.34122.Am0@a8febci
AVG	Win32:PWSX-gen [Trj]
Avast	Win32:PWSX-gen [Trj]
CrowdStrike	win/malicious_confidence_70% (W)
MaxSecure	Trojan.Malware.300983.susgen