Troj/Krypt-ABY (file analysis)

Malware Removal

Troj/Krypt-ABY is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
6-day free trial available.

What can the Troj/Krypt-ABY virus do?

  • Sample contains Overlay data
  • Presents an Authenticode digital signature
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Troj/Krypt-ABY?

File Info:

name: 9C40B980A015CDDB3E67.mlw
path: /opt/CAPEv2/storage/binaries/7da2f87291cb39a2e7d32916a8b02cd41c99ee3f368a7e6c40f5d0109bde6628
crc32: 91A32DFC
md5: 9c40b980a015cddb3e67f92c59820e6a
sha1: 4a564bb129c981b7e5603b404517190ed29feb43
sha256: 7da2f87291cb39a2e7d32916a8b02cd41c99ee3f368a7e6c40f5d0109bde6628
sha512: d25bfce109d1766325b1c6c558be39c04735d2b4ca6e9e2dd149b117d5f6cf5afecdd169b1784469cb878455e8470cdd2d1df6d5a9765a903af98f1a821b413b
ssdeep: 6144:U6vGALXgBEIy8wluzNcq/PVucQpvyJMDHJdNLvzqQTYXBwzCy+I7FdiAD0VmUvfr:tHXgFysVucQpUYJdNLOQwBwzCyvBXDor
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T193E48E50BCEC8673ECF220BA06DDBA7641EDE8B0335155CB07D85BEAE6703C16A35196
sha3_384: f5606d56eae1c4366979c38a75678d5992acbdb2a288edccc4da49ba8ea726d53819d813c4111c56f0aec78a32bd208e
ep_bytes: e9a2950000e9d0c60100e98ac30000e9
timestamp: 2023-09-21 12:31:15

Version Info:

0: [No Data]

Troj/Krypt-ABY also known as:

Bkav: W32.AIDetectMalware
BitDefenderTheta: Gen:NN.ZexaF.36722.RyY@aiA!Qle
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: VHO:Trojan-Spy.Win32.Stealer.gen
Avast: DropperX-gen [Drp]
Sophos: Troj/Krypt-ABY
ZoneAlarm: VHO:Trojan-Spy.Win32.Stealer.gen
Microsoft: Trojan:Win32/Sabsik.EN.B!ml
Google: Detected
AVG: DropperX-gen [Drp]

How to remove Troj/Krypt-ABY?

Troj/Krypt-ABY removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.