Win32/GenKryptik.GBQZ (file analysis)

The Win32/GenKryptik.GBQZ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/GenKryptik.GBQZ virus can do?

• Sample contains Overlay data
• The binary contains an unknown PE section name indicative of packing
• Authenticode signature is invalid

How to determine Win32/GenKryptik.GBQZ?

File Info:
name: 837FFEA9BC3E8483BE9E.mlw
path: /opt/CAPEv2/storage/binaries/a75412f4677f1823ff1881e172a1be548d7526ea55b2b254eee4c24310f38943
crc32: E267E1C0
md5: 837ffea9bc3e8483be9e9519805f41a1
sha1: db3bfa71876dafe02027b079d0456d41bfbb3ff6
sha256: a75412f4677f1823ff1881e172a1be548d7526ea55b2b254eee4c24310f38943
sha512: 036d0d34239778c98519abe62acb210617c00d6c2eb8ecaa8691c43dd86cc24ae2088bf54b22ab3ebaf287c3bf96b1d898dbe43676bf51de072775e7f06904e4
ssdeep: 24576:08orQ1Y1YDgrc/XMJLYQAxtuDk/Tyk9cIEz5KBLqWl3RuQ55313O:0jel/TjKIEz5KBRl3U
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1D4B50A03AACB1E75DDD23BB4518B533AA738ED30CA2A9B7FF60CC53559532C4681A742
sha3_384: cf3aadd0b88de17694277358faf41b83dbe574426f2f41cb05d0bb9e220e05c8fcb68d006cfcdc51cf1c4e7e082e48db
ep_bytes: 83ec0cc705b803500000000000e8ee45
timestamp: 2022-10-30 17:27:53

Version Info:
0: [No Data]

Win32/GenKryptik.GBQZ also known as:

How to remove Win32/GenKryptik.GBQZ?

• Download and install GridinSoft Anti-Malware.
• Open GridinSoft Anti-Malware and perform a “Standard scan“.
• “Move to quarantine” all items.
• Open “Tools” tab – Press “Reset Browser Settings“.
• Select proper browser and options – Click “Reset”.
• Restart your computer.