Win32/GenKryptik.BVKS malicious file

Win32/GenKryptik.BVKS is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/GenKryptik.BVKS virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Installs itself for autorun at Windows startup
  • Modifies Image File Execution Options, indicative of process injection or persistence
  • Anomalous binary characteristics

How to identify Win32/GenKryptik.BVKS?

File Info:

name: C62E2480CB9A0FA55A41.mlw
path: /opt/CAPEv2/storage/binaries/0d0cae3d74f436c89ba280aef9aebcd390898d963592441a022b8e417081cef9
crc32: 1DE2DE50
md5: c62e2480cb9a0fa55a41261689f8c349
sha1: 83a50eca68f75aaec9008525ad5e7ba7ac688be4
sha256: 0d0cae3d74f436c89ba280aef9aebcd390898d963592441a022b8e417081cef9
sha512: 2e1d721c2d6102ae32fd92d000bc9e7eef3e10cbd83e8417b67f0e81fcd34c50722c0fecc3a59f452d9c82f2969fc5d82381d75224155d486969f175bb16adc5
ssdeep: 3072:o2y1+PhfqWIEMGTWNzOTWlNFvpaqspPagbd2om4D95MVU0chSHoE3pnYGDa6DjZd:e1UwB0WPFeoPDBoP+XeeYe
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1ACD4BF556204F2BED7A62F323310BB775F6A7656B8388F408B2E1F4299FD646861B700
sha3_384: d3d751935cdea251b224a62ccdb8ed9b72c40c39ad9a00eb6a0121a4a6077a0f7a813dd33c8b48bd80a3b4379631c499
ep_bytes: 558bec83c4b8518d55e4528d45e850ff
timestamp: 2007-04-26 02:09:21

Version Info:

0: [No Data]

Win32/GenKryptik.BVKS also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Winlock.3077
MicroWorld-eScan: Gen:Heur.VIZ.!e!.1
FireEye: Generic.mg.c62e2480cb9a0fa5
McAfee: PolyPatch-UPX
Cylance: Unsafe
VIPRE: Packed.Win32.PWSZbot.gen (v)
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 004bcce41 )
Alibaba: Ransom:Win32/Genasom.f4eea339
K7GW: Trojan ( 004bcce41 )
Cybereason: malicious.0cb9a0
BitDefenderTheta: Gen:NN.ZexaF.34212.KmX@aybW3flc
VirIT: Trojan.Win32.Winlock.EOJ
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.BVKS
Cynet: Malicious (score: 100)
Kaspersky: UDS:Trojan.Win32.Generic
BitDefender: Gen:Heur.VIZ.!e!.1
NANO-Antivirus: Trojan.Win32.Winlock.oontz
Avast: Win32:Zbot-MZS [Spy]
Tencent: Win32.Trojan.Generic.Swks
Ad-Aware: Gen:Heur.VIZ.!e!.1
Comodo: Packed.Win32.MUPX.Gen@24tbus
Zillya: Trojan.Agent.Win32.195659
Emsisoft: Gen:Heur.VIZ.!e!.1 (B)
Ikarus: Packed.Win32.PolyCrypt
GData: Gen:Heur.VIZ.!e!.1
Jiangmin: Trojan/Generic.scgn
Webroot: W32.Malware.Gen
Avira: TR/Crypt.XPACK.Gen
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Generic.ASMalwS.FE2845
Kingsoft: Win32.Troj.Undef.(kcloud)
SUPERAntiSpyware: Trojan.Agent/Gen-DitherC
Microsoft: Ransom:Win32/Genasom.BY
AhnLab-V3: Trojan/Win32.Zbot.R2835
Acronis: suspicious
VBA32: Trojan.Zeus.EA.0999
ALYac: Gen:Heur.VIZ.!e!.1
APEX: Malicious
Rising: Ransom.Genasom!8.293 (TFE:4:5tI7Y0rfM3F)
Yandex: Trojan.GenAsa!da9MzQ9e/cs
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.2588.susgen
AVG: Win32:Zbot-MZS [Spy]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/GenKryptik.BVKS?

Win32/GenKryptik.BVKS removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.