Win32/GenKryptik.GULR removal tips

The Win32/GenKryptik.GULR is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/GenKryptik.GULR virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Win32/GenKryptik.GULR?


File Info:
name: 056D56376926DEBCB78E.mlw
path: /opt/CAPEv2/storage/binaries/76f483dc66f618d9f2cfc5730ad1b242136892af518a2229e1182618a51f7ee2
crc32: DBAF3A8D
md5: 056d56376926debcb78e939df9d884ad
sha1: da9dededdb9270ee45831b35720cf5b8520c024e
sha256: 76f483dc66f618d9f2cfc5730ad1b242136892af518a2229e1182618a51f7ee2
sha512: f63f675c29170dc3111be5951670a73eef9455c6c7d671d01537cfcb59864f9fe210cdea2078438bb0253319ca921ec76a3a65de11b72af076622c0c1537200b
ssdeep: 24576:fgcxgS8dzuaLosCuZKF4rlBA/mN5r5cgWt3BaSViVWEiBCoBZAQbxaGu:fgKsZ5ut3wSCyAQoGu
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T1C1A55A33F245693EC56F0A3A5927A654993FA761EA169C0F47F04C4CCE39C802A7F64B
sha3_384: 8422bd5ecaa7dd3202ed0b4c39d0466700e6b8262547332903cbf08a5672c25a261bf873768af357d098a3bcbc0bb278
ep_bytes: 558bec83c4c0b8dcdf5c00e8c4a1e3ff
timestamp: 2024-03-01 04:29:11

Version Info:
FileDescription: Lightshot
FileVersion: 1.0.0.0
ProductName: Lightshot
ProductVersion: 1.0.0.0
ProgramID: com.embarcadero.Lightshot
Translation: 0x0409 0x04e4

Win32/GenKryptik.GULR also known as:

Bkav	W32.Common.AE7351C9
Lionic	Trojan.Win32.Generic.4!c
MicroWorld-eScan	Trojan.GenericKD.71881941
ALYac	Trojan.GenericKD.71881941
Cylance	unsafe
Sangfor	Trojan.Win32.Kryptik.Vb1a
CrowdStrike	win/malicious_confidence_100% (W)
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/GenKryptik.GULR
APEX	Malicious
Cynet	Malicious (score: 100)
Alibaba	Trojan:Win32/GenKryptik.73fe204e
Tencent	Win32.Trojan.Genkryptik.Oqil
Emsisoft	Trojan.GenericKD.71881941 (B)
F-Secure	Trojan.TR/AVI.Agent.gysxi
VIPRE	Trojan.GenericKD.71881941
Sophos	Troj/Banker-HCG
Google	Detected
Avira	TR/AVI.Agent.gysxi
Antiy-AVL	Trojan/Win32.GenKryptik
MAX	malware (ai score=88)
Panda	Trj/Chgt.AD
Rising	Spyware.Banker!8.8D (TFE:6:j2n7sA89kiK)
Ikarus	Trojan.Win32.Krypt
MaxSecure	Trojan.Malware.237194139.susgen
Fortinet	Malicious_Behavior.SB
DeepInstinct	MALICIOUS
alibabacloud	Trojan:Win/AVI.Agent

How to remove Win32/GenKryptik.GULR?

Win32/GenKryptik.GULR removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X