What is "Win32/Kryptik.EGRN"?

The Win32/Kryptik.EGRN is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Kryptik.EGRN virus can do?

Executable code extraction
Compression (or decompression)
Creates RWX memory
Attempts to stop active services
Installs itself for autorun at Windows startup
Creates a hidden or system file
Network activity detected but not expressed in API logs
Operates on local firewall’s policies and settings
Creates a copy of itself
Attempts to disable UAC
Attempts to disable Windows Defender
Attempts to modify or disable Security Center warnings

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Win32/Kryptik.EGRN?


File Info:
crc32: C6B65449
md5: 5da19845b858bd54b7df838476d3e689
name: 5DA19845B858BD54B7DF838476D3E689.mlw
sha1: 36f96c540a87aa5d33057a8aeee44495a6dc2162
sha256: 9cc31ee15b7864833db03371b772a609f41c99a860f31ab56f3da91090d63d3b
sha512: 148ec6649fd2e8fa3a3176a2e7e916e772448f1e59429b4f175342a44f252a65e338b0e94c9b03b02a8a3de4c2a7e2e386e7ad0735b71140dfe453d2fcb2b604
ssdeep: 3072:SrPo8sT6pxPw/LjUj0/uY/ufsbTH1mFduChWFJQ4rrY2P5fvM3R2Mxt:VKoLjUYuYKGBmFduChW/rM0fcRhT
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: Copyright (C) 2014
InternalName: Showmen
FileVersion: 32, 33, 11, 34
CompanyName: Qbik Software NZ Ltd
LegalTrademarks: 
ProductName: Uncalibrated Wildfires
ProductVersion: 95, 135, 80, 97
FileDescription: Rocket
OriginalFilename: Tactile.exe

Win32/Kryptik.EGRN also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 0055dd191 )
Elastic	malicious (high confidence)
DrWeb	Win32.HLLM.Reset.756
Cynet	Malicious (score: 100)
ALYac	Trojan.Ransom.GenericKD.30356595
Cylance	Unsafe
Zillya	Trojan.Nimnul.Win32.488
Sangfor	Trojan.Win32.Save.a
Alibaba	TrojanDropper:Win32/Nimnul.92abf97f
K7GW	Trojan ( 0055dd191 )
Cybereason	malicious.5b858b
Symantec	Ransom.Cryptodefense
ESET-NOD32	a variant of Win32/Kryptik.EGRN
APEX	Malicious
Avast	FileRepMalware
Kaspersky	Trojan.Win32.Nimnul.vvh
BitDefender	Trojan.Ransom.GenericKD.30356595
NANO-Antivirus	Trojan.Win32.Reset.dzhybg
MicroWorld-eScan	Trojan.Ransom.GenericKD.30356595
Tencent	Malware.Win32.Gencirc.10c8aee5
Ad-Aware	Trojan.Ransom.GenericKD.30356595
Sophos	Mal/Generic-S
BitDefenderTheta	Gen:NN.ZexaF.34690.xq0@aePYNqji
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom_HPLOCKY.SM1
McAfee-GW-Edition	GenericRXEG-SC!5DA19845B858
FireEye	Generic.mg.5da19845b858bd54
Emsisoft	Trojan.Ransom.GenericKD.30356595 (B)
SentinelOne	Static AI – Malicious PE
Jiangmin	Trojan.Nimnul.bg
Avira	HEUR/AGEN.1117932
Antiy-AVL	Trojan/Generic.ASMalwS.16364D0
Microsoft	TrojanDropper:Win32/Evotob.B
Arcabit	Trojan.Ransom.Generic.D1CF3473
AegisLab	Trojan.Win32.Nimnul.4!c
GData	Trojan.Ransom.GenericKD.30356595
McAfee	GenericRXEG-SC!5DA19845B858
MAX	malware (ai score=95)
VBA32	SScope.Malware-Cryptor.Drixed
Malwarebytes	MachineLearning/Anomalous.100%
Panda	Trj/CI.A
TrendMicro-HouseCall	Ransom_HPLOCKY.SM1
Rising	Virus.Ramnit!8.4 (CLOUD)
Yandex	Trojan.GenAsa!Vw+WuYYOAYU
Ikarus	Trojan.Win32.Crypt
Fortinet	W32/Kryptik.EFAD!tr
AVG	FileRepMalware
Paloalto	generic.ml

How to remove Win32/Kryptik.EGRN?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

What is “Win32/Kryptik.EGRN”?