Win32/GenKryptik.CHCX removal instructions

Win32/GenKryptik.CHCX is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/GenKryptik.CHCX virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Executed a process and injected code into it, probably while unpacking
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

Related domains:

novaprom.pw

How to identify Win32/GenKryptik.CHCX?

File Info:

crc32: D6F4CE18
md5: 0fa3130b3dfe2e71dc52cfe0b6243dc9
name: 0FA3130B3DFE2E71DC52CFE0B6243DC9.mlw
sha1: fcc0b7b86cb838cac6b9d35e3148bf21fa60536f
sha256: 4e041a6cd0602572ba2ad87cdd0bafd75bf3b5f483a02ebf0909f9c233b1d66c
sha512: e1f040179fdf6b9c31b257e110b122c7f68fc247fede8122a45a7f991da339f53dd33495766f99ff3c13937a784e63126f197d6e5822e368e944493ca454a055
ssdeep: 6144:3AlAMAuG8jFZyWFBdaGsDpqZ2yqA50V81M1gJZI4zrKv0T:z8jFZyWFBPsFqZ2V8e1+qSrm2
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: exceptions to the general rule of denunciation under ILO
InternalName: KMres7t
FileVersion: 1.00.0045
CompanyName: evaluates the risks to human health posed by disinfectants and ... about Disinfectants and Disinfectants By-Products by ILO Paperback
Comments: LisiJuntr
ProductName: LisiJuntr
ProductVersion: 1.00.0045
FileDescription: enterprises in implementing the ILO core international labour standards and national .... Indonesia has ratified the two core ILO
OriginalFilename: KMres7t.exe

Win32/GenKryptik.CHCX also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.40366074
FireEye: Generic.mg.0fa3130b3dfe2e71
ALYac: Trojan.GenericKD.40366074
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Crusis.4!c
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0053a11d1 )
BitDefender: Trojan.GenericKD.40366074
K7GW: Trojan ( 0053a11d1 )
Cybereason: malicious.b3dfe2
BitDefenderTheta: AI:Packer.C79BFEB221
Symantec: ML.Attribute.HighConfidence
Avast: Win32:Malware-gen
Kaspersky: Trojan-Ransom.Win32.Crusis.adk
Alibaba: Ransom:Win32/Crusis.0921aafa
NANO-Antivirus: Trojan.Win32.Crusis.fgegsa
Rising: Ransom.Crusis!8.5724 (CLOUD)
Ad-Aware: Trojan.GenericKD.40366074
Sophos: Mal/Generic-S
Comodo: Malware@#3vs5ubbc46wp1
F-Secure: Heuristic.HEUR/AGEN.1125089
Zillya: Trojan.GenericKD.Win32.140796
McAfee-GW-Edition: BehavesLike.Win32.Generic.fh
Emsisoft: Trojan.GenericKD.40366074 (B)
Ikarus: Trojan.Win32.Krypt
Jiangmin: Trojan.Crusis.vm
Avira: HEUR/AGEN.1125089
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Ransom]/Win32.Crusis
Microsoft: Trojan:Win32/Occamy.C
Arcabit: Trojan.Generic.D267EFFA
ZoneAlarm: Trojan-Ransom.Win32.Crusis.adk
GData: Trojan.GenericKD.40366074
Cynet: Malicious (score: 85)
McAfee: GenericRXGJ-JS!0FA3130B3DFE
VBA32: Trojan.Packed
Malwarebytes: MachineLearning/Anomalous.100%
Panda: Trj/CI.A
APEX: Malicious
ESET-NOD32: a variant of Win32/GenKryptik.CHCX
Tencent: Win32.Trojan.Crusis.Jmh
Yandex: Trojan.Crusis!hwf/FAmisz4
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_95%
Fortinet: W32/Crusis.ADK!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_80% (D)
Qihoo-360: Win32/Trojan.Ransom.4af

How to remove Win32/GenKryptik.CHCX?

Win32/GenKryptik.CHCX removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
