About “Win32/GenKryptik.FOCH” infection

The Win32/GenKryptik.FOCH is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/GenKryptik.FOCH virus do?

  • The binary contains an unknown PE section name, indicative of packing.
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX.
  • The Authenticode signature is invalid.

How to identify Win32/GenKryptik.FOCH?

File Info:

name: CB0EC906F52AFE5689E5.mlw
path: /opt/CAPEv2/storage/binaries/7da9c6d685fe6efa16933ba2eeb5b26fda187092b4127133998e0b4463e7914a
crc32: F8DF2C89
md5: cb0ec906f52afe5689e5b1b9ec260dc0
sha1: 860650057b48e7d50d612206028c9912e6ac6e74
sha256: 7da9c6d685fe6efa16933ba2eeb5b26fda187092b4127133998e0b4463e7914a
sha512: 37bac553d8e24316f83829802bb1903a5b2b8f7586102942554cb74d762f8700f520e59c9b8b1866ca5987af135e8af2bbde7a2aa3225b1c85269d2bb1c1f109
ssdeep: 24576:XKIk3UG0rT3iYAMtHv3YZJ8XYo8I4wc7dlsq1Xo4RQeON9I:YUDxJvoJm8ccJmuY4RQeONS
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1CA05235DED86F0A5C0A2AC3091257DD566497F430A46350A1CAFCEB1CB76AD3F8EF206
sha3_384: 4b4b491cec7e6d5b6957b2a1e6be9e5ebbe5035f5dd2cb9c6341c9b66fffd35a8e82f34088a6960caa9857cf52ce75f5
ep_bytes: 60be005043008dbe00c0fcffc7874093
timestamp: 2020-01-14 01:24:53

Version Info:

FileVers: 7.0.2.54
ProductVers: 7.0.21.21
InternalNames: galimatimat
LegalCopyrighd: Jdfgl sfd
Translations: 0x0159 0x149f

Win32/GenKryptik.FOCH is also known as (vendor: detection name):

  • Bkav: W32.AIDetect.malware1
  • Elastic: malicious (high confidence)
  • MicroWorld-eScan: Trojan.GenericKDZ.75036
  • FireEye: Generic.mg.cb0ec906f52afe56
  • ALYac: Trojan.GenericKDZ.75036
  • Cylance: Unsafe
  • Cybereason: malicious.57b48e
  • BitDefenderTheta: Gen:NN.ZexaF.34294.YmGfaKnvp4mO
  • Symantec: ML.Attribute.HighConfidence
  • ESET-NOD32: a variant of Win32/GenKryptik.FOCH
  • ClamAV: Win.Malware.Bandook-9859703-1
  • BitDefender: Trojan.GenericKDZ.75036
  • NANO-Antivirus: Trojan.Win32.Stop.ivexex
  • Avast: Win32:Malware-gen
  • Ad-Aware: Trojan.GenericKDZ.75036
  • Emsisoft: Trojan.GenericKDZ.75036 (B)
  • DrWeb: Trojan.PWS.Stealer.26450
  • McAfee-GW-Edition: Packed-GBF!332842C82427
  • SentinelOne: Static AI – Malicious PE
  • Sophos: Troj/PWS-CLT
  • APEX: Malicious
  • GData: Trojan.GenericKDZ.75036
  • MaxSecure: Trojan.Malware.300983.susgen
  • Antiy-AVL: Trojan/Generic.ASMalwS.32DAFA1
  • Microsoft: Trojan:Win32/Sabsik.FL.B!ml
  • Cynet: Malicious (score: 100)
  • Acronis: suspicious
  • MAX: malware (ai score=80)
  • Rising: Malware.Heuristic!ET#91% (RDMK:cmRtazoZMHAM4yF4doT3PYHOMifs)
  • Ikarus: Trojan.Win32.Crypt
  • eGambit: Unsafe.AI_Score_98%
  • Fortinet: W32/Kryptik.EAT!tr
  • AVG: Win32:Malware-gen

How to remove Win32/GenKryptik.FOCH?

Win32/GenKryptik.FOCH removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.