Should I remove “MSIL/Kryptik.YEW”?

The MSIL/Kryptik.YEW is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Kryptik.YEW virus can do?

The binary likely contains encrypted or compressed data.
Network activity detected but not expressed in API logs

How to determine MSIL/Kryptik.YEW?


File Info:
crc32: C5442958
md5: 21cae8cb761592f1156daa6c87cd3978
name: upload_file
sha1: 66ae4a08ea9d0e38642d74a1b7867d507ced9bab
sha256: 5e5dc622108b69d77e09abf99287d670c8f0249e59971ee49ef7506adb572ecf
sha512: 01f09b07b1864eaaf5f1cce734e25274cf57edb59b9c16ad212a45ed935cc8c82684f5e05dac7d01fa33271b443496559ebed50163d22c00bb3f3bf63ea8fee1
ssdeep: 12288:8TbHDdiSG0ahtIQK7fuqHeYu6RSJjNJP6jR22f6mL4:8TrDxahtzhKeYu6R6C/h
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:
Translation: 0x0000 0x04b0
LegalCopyright: Copyright xa9 2004 - 2020
Assembly Version: 0.0.0.0
InternalName: oooooo.exe
FileVersion: 3.4.6.7
CompanyName: 0p_z-38b^y}64u[)7o5b
Comments: x$69i@o0&3d4b#;7y5
ProductName: 7q;o}21y:=0k5b?|8kb!49x
ProductVersion: 3.4.6.7
FileDescription: 7q;o}21y:=0k5b?|8kb!49x
OriginalFilename: oooooo.exe

MSIL/Kryptik.YEW also known as:

Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.44078334
FireEye	Generic.mg.21cae8cb761592f1
ALYac	Trojan.GenericKD.44078334
Cylance	Unsafe
Sangfor	Malware
K7AntiVirus	Trojan ( 005711ef1 )
BitDefender	Trojan.GenericKD.44078334
K7GW	Trojan ( 005711ef1 )
CrowdStrike	win/malicious_confidence_90% (W)
Invincea	Mal/Generic-S
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Kaspersky	HEUR:Trojan-Spy.MSIL.Noon.gen
Alibaba	TrojanSpy:MSIL/Kryptik.24f405a9
ViRobot	Trojan.Win32.Z.Highconfidence.562688
Ad-Aware	Trojan.GenericKD.44078334
Comodo	Malware@#21ll77niwonhr
DrWeb	Trojan.Inject4.3289
VIPRE	Trojan.Win32.Generic.pak!cobra
McAfee-GW-Edition	BehavesLike.Win32.Generic.hc
Emsisoft	Trojan.GenericKD.44078334 (B)
Ikarus	Trojan.Agent
MAX	malware (ai score=85)
Microsoft	Trojan:Win32/Woreflint.A!cl
Arcabit	Trojan.Generic.D2A094FE
ZoneAlarm	HEUR:Trojan-Spy.MSIL.Noon.gen
GData	Trojan.GenericKD.44078334
McAfee	Artemis!21CAE8CB7615
Panda	Trj/GdSda.A
ESET-NOD32	a variant of MSIL/Kryptik.YEW
TrendMicro-HouseCall	TROJ_GEN.R002H0CJF20
Tencent	Msil.Trojan-spy.Noon.Hqvq
Fortinet	MSIL/Kryptik.YEM!tr
BitDefenderTheta	Gen:NN.ZemsilF.34570.Im0@aqBbfZj
AVG	FileRepMetagen [Malware]
Cybereason	malicious.8ea9d0
Paloalto	generic.ml

How to remove MSIL/Kryptik.YEW?

MSIL/Kryptik.YEW removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X