Should I remove “Win32/GenKryptik.GOCG”?

Win32/GenKryptik.GOCG is flagged as malicious by most of the antivirus engines listed below. The name is ESET's generic classification for a packed or obfuscated executable; several other engines classify the same file as an information stealer. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Win32/GenKryptik.GOCG virus do?

  • The sample contains overlay data (bytes appended after the last PE section; installers, packers and Authenticode signatures all live there)
  • It presents an Authenticode digital signature
  • The binary contains an unknown PE section name, which is indicative of packing
  • The Authenticode signature is invalid (a signature that does not verify gives no assurance about the publisher)
  • YARA rule detections were observed from a process memory dump, dropped files, or CAPE's own rules

How to identify Win32/GenKryptik.GOCG?

File Info:

name: 44A420EEE7D38CE0D7A3.mlw
path: /opt/CAPEv2/storage/binaries/8067ad3b73e33394a977e84ac9267b77691bf30182b94446a7e35eab38c65034
crc32: E6632C76
md5: 44a420eee7d38ce0d7a3252eb9942114
sha1: 2a50de6111f99a71d9bd4ff0abbfb1a9491c732b
sha256: 8067ad3b73e33394a977e84ac9267b77691bf30182b94446a7e35eab38c65034
sha512: f44a08b2805922dc6a3ca29fcdc38bbfd61f5ef7397ed55df8d3b89fcf4fdf71862ee2524ca960a0743bb9288c5518c0e46c23955e5578e05efc405bcc494e39
ssdeep: 6144:lSvGAafgBMniUwluzlcy/XVucQ5bUr7N7pe8S0EtrT1rUXcmRZa5Eceb6zvfz:wGfg2i8VucQ5KFpe8OT1rUMmHamcC6Lz
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T19FE4B011B4E180B2EDE270BD42FC7E3185AED4F0475596CB4BC84BFBD6226C06B365A9
sha3_384: 8f7981e34b980ab881f0a8c811bdaea142d20b25b4ee88a2d1e3725477f03abfced45514116c7987bb5772eef7c8ef04
ep_bytes: e9a2950000e9d0c60100e98ac30000e9
timestamp: 2023-09-22 07:58:05

Version Info:

0: [No Data]
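The checks behind the indicator list above and the File Info block can be reproduced locally on a copy of a suspect file. The script below is an added example, not code from the original page or from CAPE: a standard-library-only Python triage that reports overlay data, section names a packer might emit, the Authenticode directory, the entry-point bytes and link timestamp, and the same hash set shown in File Info. The known-section list, the build_sample_pe helper, the made-up .x7k2 section name and the placeholder signature blob are assumptions constructed for the demo; the script checks only the signature's structure and cannot tell whether it is valid.

```python
import hashlib
import struct
import zlib
from datetime import datetime, timezone

# Section names mainstream linkers emit; anything else is reported as unknown.
# Assumption: an illustrative list, not CAPE's exact packer heuristic.
KNOWN_SECTIONS = {".text", ".data", ".rdata", ".idata", ".edata", ".rsrc", ".reloc",
                  ".bss", ".tls", ".pdata", ".CRT", ".debug", ".gfids", ".00cfg"}
SECURITY_DIR = 4   # IMAGE_DIRECTORY_ENTRY_SECURITY: holds a file offset, not an RVA


def file_hashes(data: bytes) -> dict:
    """The same hash set as the File Info block, for matching against IOC lists."""
    out = {n: hashlib.new(n, data).hexdigest() for n in ("md5", "sha1", "sha256", "sha512", "sha3_384")}
    out["crc32"] = "%08X" % (zlib.crc32(data) & 0xFFFFFFFF)
    return out


def triage_pe(data: bytes) -> dict:
    """Static checks behind the indicators: overlay, odd section names, Authenticode directory."""
    if data[:2] != b"MZ":
        raise ValueError("not a DOS/PE file")
    e_lfanew, = struct.unpack_from("<I", data, 0x3C)
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    _, nsections, ts, _, _, opt_size, _ = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", data, opt)[0] == 0x20B
    entry_rva, = struct.unpack_from("<I", data, opt + 16)
    subsystem, = struct.unpack_from("<H", data, opt + 68)
    dd = opt + (112 if pe32plus else 96)          # start of the data directories
    sec_off, sec_size = struct.unpack_from("<II", data, dd + 8 * SECURITY_DIR)
    sections, end_of_sections = [], 0
    for i in range(nsections):
        hdr = opt + opt_size + 40 * i
        name = data[hdr:hdr + 8].rstrip(b"\0").decode("latin-1")
        vsize, vaddr, rawsize, rawptr = struct.unpack_from("<IIII", data, hdr + 8)
        sections.append((name, vsize, vaddr, rawsize, rawptr))
        end_of_sections = max(end_of_sections, rawptr + rawsize)
    ep_bytes = b""
    for name, vsize, vaddr, rawsize, rawptr in sections:
        if vaddr <= entry_rva < vaddr + max(vsize, rawsize):   # map the RVA to a file offset
            ep_bytes = data[rawptr + entry_rva - vaddr:][:16]
            break
    # Everything past the last section is "overlay". An Authenticode blob lives there
    # too, so also report how much overlay the signature does not account for.
    overlay = max(0, len(data) - end_of_sections)
    sig_in_overlay = sec_size if sec_size and sec_off >= end_of_sections else 0
    authenticode = None
    if sec_size:
        dw_len, rev, ctype = struct.unpack_from("<IHH", data, sec_off)
        # WIN_CERTIFICATE structure check only; whether the signature is VALID (digest
        # matches, chain trusted) needs a real verifier such as signtool or osslsigncode.
        authenticode = {"well_formed": dw_len == sec_size and rev == 0x0200 and ctype == 0x0002}
    return {
        "type": ("PE32+" if pe32plus else "PE32") + (" (console)" if subsystem == 3 else ""),
        "timestamp": datetime.fromtimestamp(ts, timezone.utc).strftime("%Y-%m-%d %H:%M:%S"),
        "sections": [s[0] for s in sections],
        "unknown_sections": [s[0] for s in sections if s[0] not in KNOWN_SECTIONS],
        "overlay_bytes": overlay,
        "overlay_excluding_signature": overlay - sig_in_overlay,
        "authenticode": authenticode,
        "ep_bytes": ep_bytes.hex(),
    }


def build_sample_pe(section_names, entry_bytes, overlay=b"", sign=False, timestamp=1695369485):
    """Constructed minimal PE32 used only to exercise triage_pe(); NOT the analysed sample."""
    n = len(section_names)
    raw_base = (0x40 + 4 + 20 + 224 + 40 * n + 0x1FF) & ~0x1FF   # headers rounded to FileAlignment
    hdrs, body = b"", b""
    for i, name in enumerate(section_names):
        hdrs += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"), 0x200,
                            0x1000 * (i + 1), 0x200, raw_base + 0x200 * i, 0, 0, 0, 0, 0x60000020)
        body += (entry_bytes if i == 0 else b"").ljust(0x200, b"\0")
    end = raw_base + 0x200 * n
    cert, dirs = b"", [(0, 0)] * 16
    if sign:
        blob = b"\x30\x82\x00\x10" + b"\0" * 16       # placeholder DER, not a real PKCS#7
        cert = struct.pack("<IHH", 8 + len(blob), 0x0200, 0x0002) + blob
        dirs[SECURITY_DIR] = (end, len(cert))
    opt = (struct.pack("<HBBIIIIII", 0x10B, 14, 0, 0x200, 0x200 * (n - 1), 0, 0x1000, 0x1000, 0x2000)
           + struct.pack("<IIIHHHHHHIIIIHHIIIIII", 0x400000, 0x1000, 0x200, 6, 0, 0, 0, 6, 0, 0,
                         0x1000 * (n + 1), raw_base, 0, 3, 0, 0x100000, 0x1000, 0x100000, 0x1000, 0, 16)
           + b"".join(struct.pack("<II", *d) for d in dirs))
    coff = struct.pack("<HHIIIHH", 0x14C, n, timestamp, 0, 0, len(opt), 0x0102)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)
    return (dos + b"PE\0\0" + coff + opt + hdrs).ljust(raw_base, b"\0") + body + cert + overlay


if __name__ == "__main__":   # constructed input: made-up section, placeholder signature, extra overlay
    sample = build_sample_pe([".text", ".x7k2", ".rsrc"], bytes.fromhex("e9a2950000e9d0c60100e98ac30000e9"),
                             overlay=b"constructed-overlay", sign=True)
    print(triage_pe(sample), file_hashes(sample)["sha256"])
```

To triage a real file, replace the constructed sample with `open(path, "rb").read()` and compare the sha256 from file_hashes() against the hashes in the File Info block; a signed file will always show overlay bytes, so look at overlay_excluding_signature before treating the overlay itself as suspicious.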

Win32/GenKryptik.GOCG also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
DrWeb: Trojan.Inject4.61280
Malwarebytes: Spyware.PasswordStealer
Cyren: W32/Kryptik.KSB.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/GenKryptik.GOCG
APEX: Malicious
Kaspersky: HEUR:Trojan-Spy.Win32.Stealer.gen
Avast: Win32:DropperX-gen [Drp]
Sophos: Troj/Krypt-ABY
Google: Detected
Antiy-AVL: Trojan/Win32.Wacatac
Microsoft: Trojan:Win32/MysticStealer.AMS!MTB
ZoneAlarm: HEUR:Trojan-Spy.Win32.Stealer.gen
Cynet: Malicious (score: 100)
AhnLab-V3: Dropper/Win.DropperX-gen.R606733
Panda: Trj/Genetic.gen
Rising: Stealer.Agent!8.C2 (RDMK:cmRtazqTZBDQBgN5a9rMW69pgrjR)
Fortinet: W32/GenKryptik.GOCG!tr
AVG: Win32:DropperX-gen [Drp]
Cybereason: malicious.111f99

How to remove Win32/GenKryptik.GOCG?

Win32/GenKryptik.GOCG removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Move all detected items to quarantine.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
