Win32/GenKryptik.CIAG information

Win32/GenKryptik.CIAG is the ESET detection name for this sample; most of the other engines listed below classify it as a trojan downloader (the Godzilla family) or as a generic packed/crypted trojan. When the infection is active you may notice unfamiliar processes in the Task Manager list. In that case, scan the computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing malware by hand can take hours and can damage the system if the wrong files or registry entries are deleted. We recommend GridinSoft Anti-Malware for removal; the trial version lets you run a full scan and clean the PC.
6-day free trial available.

What can Win32/GenKryptik.CIAG do?

The following are the behaviour signatures the CAPE sandbox raised for this sample, with what each one means in practice:

  • SetUnhandledExceptionFilter detected (possible anti-debug): the sample installs a top-level exception filter and can then raise an exception on purpose. With no debugger attached the filter runs and execution continues; under a debugger the exception is delivered to the debugger first and the filter never runs, which tells the malware it is being analysed. Legitimate programs, including the C runtime, also call this API, hence "possible".
  • Behavioural detection: executable code extraction (unpacking): the sandbox dumped code that was decrypted or decompressed at run time, consistent with the crypter-style names several vendors give this file (Krypt, MalwareCrypter, GenKryptik).
  • Creates RWX memory: memory allocated or re-protected as read-write-execute, the usual way an unpacking stub writes a payload into a buffer and then jumps into it.
  • Dynamic (imported) function loading detected: API addresses are resolved at run time (LoadLibrary/GetProcAddress style) instead of through the import table, which keeps the real API usage out of a static import listing.
  • Authenticode signature is invalid: the file carries no signature that verifies, so the publisher fields in the version resource below are not backed by anything.

How to identify Win32/GenKryptik.CIAG?

File Info:

name: DF8C7C00ABDD2ABEC0DE.mlw
path: /opt/CAPEv2/storage/binaries/048f76bc856b11bc622383eb413316468075cbf5cee0cc244841c1286f451d9b
crc32: C5C3BAE8
md5: df8c7c00abdd2abec0def2577df10b5e
sha1: 39f63ac640fbbbb6ac28c5c9218cc12b489a2a61
sha256: 048f76bc856b11bc622383eb413316468075cbf5cee0cc244841c1286f451d9b
sha512: b73e10c1b6e892c6c1304c87302f7818ba4bd08706b722d1ebd5cce75018fc9c566b50e99db61c6b9b376d3c883d85eaf79983b92f1708a4165773a03f082c3f
ssdeep: 6144:ynrWQ1zD3OCmhr2BmW7W5xNyN4IiMbyVrvUHulqqoMTI:ynS033OCmhr2BmGW5xNyN4IiOy5XI
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F6846C127380E032D5B725304E9AEB9297B8FC702960519FAB94F73DEA712D2D636707
sha3_384: 927e3c2d7f3e7c904cd6b6ce0dbeecbfb5e6d28e767de81397567d5cc856b63fb1f1d5e758cecf1579c7320e0d5a996b
ep_bytes: e8d8b20000e978feffffcc68f0384200
timestamp: 2018-08-13 12:29:31

The entry-point bytes decode to call rel32 (E8), jmp rel32 (E9), int3 (CC) and push imm32 (68 F0 38 42 00, i.e. push 0x4238F0), which is the ordinary MSVC C-runtime entry stub rather than a recognisable packer stub; the unpacking the sandbox observed happens later in execution. The timestamp is the compile-time field from the PE header and is trivially forgeable.
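The checks below are an added example written for this page, not GridinSoft's or CAPE's code. They compute the same hash set as the File Info list and compare it with the hashes above, and they approximate three of the sandbox signatures from the static file alone: sections flagged readable, writable and executable (the on-disk counterpart of the runtime RWX allocation CAPE reports), section entropy near 8 bits per byte as a packing indicator, and the absence of a security directory, which means there is no Authenticode signature to verify. Only the Python standard library is used; `build_pe` constructs a synthetic one-section PE32 so the checks can be exercised without the sample.

```python
import hashlib
import math
import struct
import sys
import zlib

# Hashes copied from the File Info list on this page.
IOC = {
    "md5": "df8c7c00abdd2abec0def2577df10b5e",
    "sha1": "39f63ac640fbbbb6ac28c5c9218cc12b489a2a61",
    "sha256": "048f76bc856b11bc622383eb413316468075cbf5cee0cc244841c1286f451d9b",
}
IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE = 0x20000000, 0x40000000, 0x80000000
RWX = IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # index of the Authenticode data directory


def fingerprint(data: bytes) -> dict:
    """Same hash set and formatting as the File Info list (crc32 as upper-case hex)."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
    }

def matches_ioc(fp: dict, ioc: dict = IOC) -> bool:
    """True if any hash algorithm present in both dicts agrees."""
    return any(fp.get(alg) == digest for alg, digest in ioc.items())

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; packed or encrypted sections sit near 8.0."""
    n = len(data)
    if n == 0:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / n * math.log2(c / n) for c in counts if c)

def parse_pe(data: bytes) -> dict:
    """Section flags/entropy and whether a security directory exists (PE32 and PE32+)."""
    if data[:2] != b"MZ":
        raise ValueError("not an MZ file")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("bad PE signature")
    coff = e_lfanew + 4
    nsect = struct.unpack_from("<H", data, coff + 2)[0]
    opt_size = struct.unpack_from("<H", data, coff + 16)[0]
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    dirs = opt + (96 if magic == 0x10B else 112)  # data directories start here
    _, sec_size = struct.unpack_from("<II", data, dirs + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)
    sections = []
    for i in range(nsect):
        hdr = opt + opt_size + 40 * i  # section headers follow the optional header
        name = data[hdr:hdr + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", data, hdr + 16)
        chars = struct.unpack_from("<I", data, hdr + 36)[0]
        sections.append({"name": name, "rwx": (chars & RWX) == RWX,
                         "entropy": entropy(data[raw_ptr:raw_ptr + raw_size])})
    return {"sections": sections, "has_security_dir": sec_size > 0}

def triage(data: bytes) -> dict:
    """Static counterparts of the sandbox signals plus an IOC hash match."""
    info = parse_pe(data)
    fp = fingerprint(data)
    return {
        "known_ioc": matches_ioc(fp),
        "rwx_sections": [s["name"] for s in info["sections"] if s["rwx"]],
        "high_entropy_sections": [s["name"] for s in info["sections"] if s["entropy"] > 7.0],
        "unsigned": not info["has_security_dir"],
        "hashes": fp,
    }

def build_pe(section_flags: int, body: bytes, signed: bool = False) -> bytes:
    """Constructed minimal PE32 with one section, only for exercising the checks above."""
    e_lfanew, opt_size = 0x40, 224
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", e_lfanew)
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, opt_size, 0x102)
    raw_ptr = e_lfanew + 4 + 20 + opt_size + 40  # file offset of the section body
    opt = bytearray(opt_size)
    struct.pack_into("<H", opt, 0, 0x10B)  # PE32 magic
    cert = b"\0" * 8 if signed else b""  # placeholder WIN_CERTIFICATE blob
    if signed:
        struct.pack_into("<II", opt, 96 + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY,
                         raw_ptr + len(body), len(cert))
    sec = struct.pack("<8sIIIIIIHHI", b".text", len(body), 0x1000, len(body),
                      raw_ptr, 0, 0, 0, 0, section_flags)
    return dos + b"PE\0\0" + coff + bytes(opt) + sec + body + cert

if __name__ == "__main__":
    with open(sys.argv[1], "rb") as fh:
        print(triage(fh.read()))
```

Run it as `python triage.py suspect.exe`. Two caveats: a file whose sections are all read-execute can still allocate RWX memory with VirtualAlloc or VirtualProtect at run time, which is what the sandbox actually observed, so an empty rwx_sections list does not clear the file; and a non-empty security directory only means a signature block is present, not that it verifies (CAPE reports this sample's as invalid), so check it with Get-AuthenticodeSignature in PowerShell or `signtool verify` before trusting it.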

Version Info:

Languages: English
LegalTrademarks: Andrew Zhezherun ©. All rights reserved.
Comments: Receptive Others' Volunteered Annual
CompanyName: Andrew Zhezherun
PrivateBuild: 2.2.85.5
Assembly Version: 2.2.85.5
FileDescription: Receptive Others' Volunteered Annual
InternalName: Encoding
FileVersion: 2.2.85.5
LegalCopyright: Andrew Zhezherun ©. All rights reserved.
OriginalFilename: Encoding
ProductName: Encoding
ProductVersion: 2.2.85.5
Translation: 0x0409 0x04b0

The version resource should not be trusted as provenance: FileDescription and Comments hold a meaningless four-word phrase, the product is named only "Encoding", and since the file has no valid Authenticode signature nothing ties the CompanyName to a real publisher. Translation 0x0409/0x04b0 is English (United States), Unicode.

Win32/GenKryptik.CIAG also known as:

Lionic: Trojan.Win32.Godzilla.a!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
FireEye: Generic.mg.df8c7c00abdd2abe
McAfee: Artemis!DF8C7C00ABDD
Zillya: Trojan.GenericKD.Win32.153166
Sangfor: Trojan.Win32.Godzilla.qj
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDownloader:Win32/Godzilla.e79da26f
K7GW: Trojan ( 0053a5dc1 )
K7AntiVirus: Trojan ( 0053a5dc1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.CIAG
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Downloader.Win32.Godzilla.qj
BitDefender: Gen:Variant.Ransom.Shade.27
NANO-Antivirus: Trojan.Win32.Godzilla.fhokvs
SUPERAntiSpyware: Trojan.Agent/Gen-Crypt
MicroWorld-eScan: Gen:Variant.Ransom.Shade.27
Avast: Win32:Malware-gen
Tencent: Win32.Trojan-downloader.Godzilla.Wvay
Ad-Aware: Gen:Variant.Ransom.Shade.27
Comodo: Malware@#2cb15u5ltovfv
TrendMicro: TROJ_GEN.R002C0WIS21
Emsisoft: Gen:Variant.Ransom.Shade.27 (B)
Ikarus: Trojan.Win32.Krypt
GData: Gen:Variant.Ransom.Shade.27
Webroot: W32.Trojan.GenKD
Avira: TR/AD.MalwareCrypter.vfmhg
Antiy-AVL: Trojan/Generic.ASMalwS.27B15B6
Arcabit: Trojan.Ransom.Shade.27
Microsoft: Trojan:Win32/Occamy.C04
AhnLab-V3: Malware/Win32.Generic.C2665697
VBA32: TrojanDownloader.Godzilla
ALYac: Gen:Variant.Ransom.Shade.27
MAX: malware (ai score=100)
TrendMicro-HouseCall: TROJ_GEN.R002C0WIS21
Rising: Downloader.Godzilla!8.E3AB (CLOUD)
SentinelOne: Static AI – Suspicious PE
Fortinet: W32/GenKryptik.CIAG!tr
AVG: Win32:Malware-gen
Cybereason: malicious.0abdd2
Panda: Trj/GdSda.A
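The vendor names in the list above do not agree on a family, and a triage analyst usually wants to know which label has the most support before choosing a response playbook. The script below is an added example, not GridinSoft's or any vendor's code: it parses the "Vendor: Detection" lines above, discards generic tokens such as Trojan, Win32 or Gen:Variant, counts how many engines share each remaining family token, and separately counts how many engines call the sample a downloader, ransomware-related or crypted. The GENERIC set and the category patterns are this example's own heuristics.

```python
import re
from collections import Counter

# Vendor verdicts copied from the list above, one "Vendor: Detection" per line.
VERDICTS = """\
Lionic: Trojan.Win32.Godzilla.a!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 99)
FireEye: Generic.mg.df8c7c00abdd2abe
McAfee: Artemis!DF8C7C00ABDD
Zillya: Trojan.GenericKD.Win32.153166
Sangfor: Trojan.Win32.Godzilla.qj
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDownloader:Win32/Godzilla.e79da26f
K7GW: Trojan ( 0053a5dc1 )
K7AntiVirus: Trojan ( 0053a5dc1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.CIAG
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Downloader.Win32.Godzilla.qj
BitDefender: Gen:Variant.Ransom.Shade.27
NANO-Antivirus: Trojan.Win32.Godzilla.fhokvs
SUPERAntiSpyware: Trojan.Agent/Gen-Crypt
MicroWorld-eScan: Gen:Variant.Ransom.Shade.27
Avast: Win32:Malware-gen
Tencent: Win32.Trojan-downloader.Godzilla.Wvay
Ad-Aware: Gen:Variant.Ransom.Shade.27
Comodo: Malware@#2cb15u5ltovfv
TrendMicro: TROJ_GEN.R002C0WIS21
Emsisoft: Gen:Variant.Ransom.Shade.27 (B)
Ikarus: Trojan.Win32.Krypt
GData: Gen:Variant.Ransom.Shade.27
Webroot: W32.Trojan.GenKD
Avira: TR/AD.MalwareCrypter.vfmhg
Antiy-AVL: Trojan/Generic.ASMalwS.27B15B6
Arcabit: Trojan.Ransom.Shade.27
Microsoft: Trojan:Win32/Occamy.C04
AhnLab-V3: Malware/Win32.Generic.C2665697
VBA32: TrojanDownloader.Godzilla
ALYac: Gen:Variant.Ransom.Shade.27
MAX: malware (ai score=100)
TrendMicro-HouseCall: TROJ_GEN.R002C0WIS21
Rising: Downloader.Godzilla!8.E3AB (CLOUD)
SentinelOne: Static AI - Suspicious PE
Fortinet: W32/GenKryptik.CIAG!tr
AVG: Win32:Malware-gen
Cybereason: malicious.0abdd2
Panda: Trj/GdSda.A
"""

# Heuristic stop-list of tokens that name a class or a verdict, not a family (this example's choice).
GENERIC = {
    "trojan", "trojandownloader", "downloader", "generic", "generickd", "variant",
    "malicious", "malware", "ransom", "agent", "confidence", "highconfidence",
    "score", "cloud", "static", "suspicious", "attribute", "artemis", "crypt",
    "krypt", "malwarecrypter", "genkd",
}
# Behaviour categories recognised by substring, case-insensitive.
CATEGORIES = {"downloader": r"downloader", "ransomware": r"ransom", "crypter/packer": r"kryp|cryp"}


def parse_verdicts(text: str) -> dict:
    """Map vendor -> detection string; splits on the first colon only, so
    names like 'Trojan:Win32/Occamy.C04' stay intact."""
    out = {}
    for line in text.splitlines():
        m = re.match(r"^([^:]+):\s*(.+)$", line.strip())
        if m:
            out[m.group(1).strip()] = m.group(2).strip()
    return out

def family_tokens(detection: str) -> set:
    """Candidate family names: alphabetic tokens of 5+ chars not in the stop-list.
    Digits-containing tokens (hashes, variant ids) and short suffixes are dropped."""
    toks = {t.lower() for t in re.split(r"[^A-Za-z0-9]+", detection) if t}
    return {t for t in toks if t.isalpha() and len(t) >= 5 and t not in GENERIC}

def family_consensus(verdicts: dict) -> Counter:
    """How many engines mention each family token (each engine counted once per token)."""
    c = Counter()
    for det in verdicts.values():
        c.update(family_tokens(det))
    return c

def category_consensus(verdicts: dict) -> dict:
    """How many engines attach each behaviour category to the sample."""
    return {cat: sum(1 for d in verdicts.values() if re.search(pat, d, re.I))
            for cat, pat in CATEGORIES.items()}

if __name__ == "__main__":
    v = parse_verdicts(VERDICTS)
    print(len(v), "engines")
    print(family_consensus(v).most_common(5))
    print(category_consensus(v))
```

For this sample the result is eight engines on Godzilla and seven on Shade, with five calling it a downloader and five describing a crypter. Nothing in the sandbox signatures above shows ransomware behaviour; the Ransom label comes only from the Shade family naming, so the downloader classification is the one to act on when deciding what else to look for on the host.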

How to remove Win32/GenKryptik.CIAG?

Win32/GenKryptik.CIAG removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the browser and the options to reset, then click “Reset”.
  • Restart your computer.

Because most engines classify this sample as a trojan downloader, removing the file itself may not remove what it fetched. After the reboot, run a second full scan and check whether the unfamiliar processes noted earlier, or any autostart entries that launch them, are still present.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
