Malware

Win32/GenKryptik.GOKG (file analysis)

Malware Removal

Win32/GenKryptik.GOKG is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/GenKryptik.GOKG virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Deletes executed files from disk
  • Anomalous binary characteristics

How to identify Win32/GenKryptik.GOKG?

File Info:

name: 3FEF53ECF968E47632A4.mlw
path: /opt/CAPEv2/storage/binaries/d856af7903005fe952573e6697972eefe63cd7c2e4213457cc3149d0bef44f2e
crc32: B32EA7FE
md5: 3fef53ecf968e47632a424169068f70a
sha1: 6b9a58724b9c7a883cb36ca99258e27588eccea7
sha256: d856af7903005fe952573e6697972eefe63cd7c2e4213457cc3149d0bef44f2e
sha512: d29994a71ebfedb00ec3127e2ef0c7679d763ab27826a91c6d92535a727a8af4af52e82ee26549d244289156dd594a70bedf17d1d9c7504f683f84f3241bf083
ssdeep: 49152:ISgwojKvddlzVHCqbfJ2Dx4Qk+6QTQ4yO1kTMMLAPzh2IsGtRfsB/5:ISgLuthCqkIFQTr1OvXmffE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15AA533A8C3275660DD7356F2CADC437B9DE8DE081B2568C3EDB5783925B4D9C0B28239
sha3_384: f3d4e650a544f784270384617a32979edcd6afd87d87bc843bed6c7a1c19dddcf90491883143f1ffaa7f2f154b4417f9
ep_bytes: 558bec6aff683083400068907c400064
timestamp: 2023-06-20 07:00:00

Version Info:

CompanyName: Igor Pavlov
FileDescription: 7z Setup SFX small
FileVersion: 23.01
InternalName: 7zS2.sfx
LegalCopyright: Igor Pavlov : Public domain
OriginalFilename: 7zS2.sfx.exe
ProductName: 7-Zip
ProductVersion: 23.01
Translation: 0x0409 0x04b0

Win32/GenKryptik.GOKG is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
Zillya: Trojan.Zenpak.Win32.20386
BitDefenderTheta: Gen:NN.ZedlaF.36738.nA8@aG7lEVaO
ESET-NOD32: a variant of Win32/GenKryptik.GOKG
APEX: Malicious
Kaspersky: UDS:Trojan.Win32.Zenpak
NANO-Antivirus: Virus.Win32.Gen.ccmw
Avast: Win32:Evo-gen [Trj]
McAfee-GW-Edition: BehavesLike.Win32.Dropper.vc
ZoneAlarm: UDS:DangerousObject.Multi.Generic
Microsoft: Program:Win32/Wacapew.C!ml
AhnLab-V3: Trojan/Win.Zusy.C5462921
McAfee: Artemis!3FEF53ECF968
Fortinet: W32/Kryptik.HUEI!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Win32/GenKryptik.GOKG?

Win32/GenKryptik.GOKG removal tool:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.