How to remove “Win32/GenKryptik.FKCI”?

Win32/GenKryptik.FKCI is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/GenKryptik.FKCI virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (4 unique times)
  • Creates RWX memory
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Slovenian
  • The binary likely contains encrypted or compressed data.
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

Related domains:

telete.in
apps.identrust.com

How to identify Win32/GenKryptik.FKCI?

File Info:

crc32: E83FCD86
md5: 7b33959b186847a154ea317dbdb550b8
name: 7B33959B186847A154EA317DBDB550B8.mlw
sha1: 0f0e6855fa4ab8429eb209ace0b118bda056ff1e
sha256: 8dd2883562192b8cd39120419d090a4b17388d6fc304f04d185ee3d2f18c1874
sha512: 79c98e0ad59013e473fb0d9eccae7140007d5d7b2fc92934dd6ab803ff81595a7b4ba5776995b5df100cab1fdbe90eafe479e06db2af1671388d1891b5d7612f
ssdeep: 12288:8vmy8w0gsytGPfxh1S9NlqU0pC6AYo6pzj4Ub:8+jjbhsRqBE6tt4+
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

InternalName: sajzmoamunu.apa
ProductVersion: 7.19.29.38
Copyright: Copyrighz (C) 2021, fudkagata
Translation: 0x0129 0x009f

Win32/GenKryptik.FKCI also known as:

K7AntiVirus: Trojan ( 0056ac331 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 0056ac331 )
Cyren: W32/Kryptik.EWJ.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.FKCI
APEX: Malicious
Avast: Win32:RansomX-gen [Ransom]
Kaspersky: UDS:DangerousObject.Multi.Generic
BitDefender: Gen:Variant.Fragtor.16092
MicroWorld-eScan: Gen:Variant.Fragtor.16092
Ad-Aware: Gen:Variant.Jaik.47587
Sophos: ML/PE-A
BitDefenderTheta: Gen:NN.ZexaF.34126.Eq0@auNRrDic
McAfee-GW-Edition: BehavesLike.Win32.Generic.gc
FireEye: Generic.mg.7b33959b186847a1
Emsisoft: Gen:Variant.Jaik.47587 (B)
SentinelOne: Static AI – Malicious PE
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Trojan.Jaik.DB9E3
GData: Gen:Variant.Fragtor.16092
Acronis: suspicious
McAfee: Artemis!7B33959B1868
MAX: malware (ai score=83)
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/Genetic.gen
Rising: Trojan.Generic@ML.90 (RDML:j+FlQBGH/HP2qaf8clQOwA)
Ikarus: Trojan-Spy.Agent
MaxSecure: Trojan.Malware.300983.susgen
AVG: Win32:RansomX-gen [Ransom]

How to remove Win32/GenKryptik.FKCI?

Win32/GenKryptik.FKCI removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
