Win32/Kryptik.BCYO malicious file

Win32/Kryptik.BCYO is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.BCYO virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Collects information to fingerprint the system

How to identify Win32/Kryptik.BCYO?


File Info:

name: D2C45C1587146A7A53F0.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2010-12-21 05:34:57

Version Info:

0: [No Data]

Win32/Kryptik.BCYO also known as:

Bkav: W32.AIDetectMalware
AVG: Win32:Kryptik-MAB [Trj]
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Uztub.21
FireEye: Generic.mg.d2c45c1587146a7a
CAT-QuickHeal: TrojanDropper.Gepys.A
Skyhigh: BehavesLike.Win32.Dropper.ch
ALYac: Gen:Variant.Uztub.21
Cylance: unsafe
Zillya: Trojan.Tepfer.Win32.58307
Sangfor: Trojan.Win32.Save.a
Alibaba: TrojanDropper:Win32/Gepys.f79302e5
K7GW: Trojan ( 0040f4c81 )
K7AntiVirus: Trojan ( 0040f4c81 )
BitDefenderTheta: Gen:NN.ZexaF.36802.iuX@a4yh78
VirIT: Trojan.Win32.Generic.ARHI
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Kryptik.BCYO
Cynet: Malicious (score: 100)
APEX: Malicious
Avast: Win32:Kryptik-MAB [Trj]
ClamAV: Win.Trojan.Gepys-47
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Variant.Uztub.21
NANO-Antivirus: Trojan.Win32.Mods.cqkyik
Tencent: Malware.Win32.Gencirc.10b14f4b
Emsisoft: Gen:Variant.Uztub.21 (B)
F-Secure: Trojan.TR/Drop.Gepys.aouen
DrWeb: Trojan.Mods.1
VIPRE: Gen:Variant.Uztub.21
TrendMicro: TROJ_SPNR.15GB13
Trapmine: malicious.high.ml.score
Sophos: Mal/Generic-S
Jiangmin: Trojan/ShipUp.pb
Varist: W32/Gepys.C.gen!Eldorado
Avira: TR/Drop.Gepys.aouen
MAX: malware (ai score=100)
Antiy-AVL: Trojan/Win32.ShipUp
Kingsoft: Win32.Trojan.Generic.a
Microsoft: TrojanDropper:Win32/Gepys.A
Xcitium: TrojWare.Win32.ShipUp.CJA@4yldz1
Arcabit: Trojan.Uztub.21
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Gen:Variant.Uztub.21
Google: Detected
AhnLab-V3: Trojan/Win32.Tepfer.R68916
Acronis: suspicious
McAfee: Dropper-FGD!D2C45C158714
VBA32: Trojan.Redirect
Malwarebytes: Generic.Malware.AI.DDS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_SPNR.15GB13
Rising: Trojan.Generic@AI.92 (RDML:Om4dZGyB7X6uqVpQPa+3Lw)
Yandex: Trojan.ShipUp!5GDeYkDs9LA
Ikarus: Trojan.Dropper.Gepys
MaxSecure: PSW.Tepfer.olek
Fortinet: W32/Kryptik.BDUE!tr
DeepInstinct: MALICIOUS
alibabacloud: Trojan:Win/Uztub

How to remove Win32/Kryptik.BCYO?

Win32/Kryptik.BCYO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
