Win32/Kryptik.EOZZ malicious file

Win32/Kryptik.EOZZ is rated as dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Kryptik.EOZZ virus do?

  • Executable code extraction
  • Creates RWX memory
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • Unconventional language used in binary resources: Saami
  • Detects the presence of Wine emulator via function name
  • Detects SunBelt Sandbox through the presence of a library
  • Detects Avast Antivirus through the presence of a library
  • Deletes its original binary from disk
  • A system process is generating network traffic likely as a result of process injection
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Checks the version of Bios, possibly for anti-virtualization
  • Detects VirtualBox through the presence of a device
  • Detects VirtualBox through the presence of a registry key
  • Creates a copy of itself

How to identify Win32/Kryptik.EOZZ?

File Info:

crc32: 7EACDB22
md5: dcc6c00f66325aa244cbcc7346ac6996
name: DCC6C00F66325AA244CBCC7346AC6996.mlw
sha1: 7a497c2708f4481ff27e72ced0e37cfe375f2d51
sha256: b04991509430b12999f07be98684e4905cc47b96aff3074053c853e1443c479b
sha512: 7ec09b4e7d3684c41285b09770008a77023f69f66eb4de0af3704ce5274f8839a64bebdfbb99051b0e42824478036d7614f7b9096bc908d05314a76b1fed0bb9
ssdeep: 3072:47vIojhK+hd3/3ufcPKZQXUU2N/iAg0FukkBN1XVN+pBH/q45ekrmj9R:+AoN/PiZQV2gAOk8fVqBfq4VyR
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Kryptik.EOZZ is also known as (vendor: detection name):

Bkav: W32.Common.52686B3C
K7AntiVirus: Trojan ( 004eb1a91 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Proxy2.182
Cynet: Malicious (score: 99)
CAT-QuickHeal: Ransom.Tescrypt.A4
ALYac: Trojan.Lethic.Gen.14
Cylance: Unsafe
Zillya: Trojan.Garrun.Win32.144
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_80% (D)
K7GW: Trojan ( 004eb1a91 )
Cybereason: malicious.f66325
Baidu: Win32.Trojan.Kryptik.vz
Symantec: Ransom.TeslaCrypt
ESET-NOD32: a variant of Win32/Kryptik.EOZZ
APEX: Malicious
Avast: Win32:Dorder-W [Trj]
Kaspersky: Trojan.Win32.Agent.iihi
BitDefender: Trojan.Lethic.Gen.14
NANO-Antivirus: Trojan.Win32.AVKill.eamitc
SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik
MicroWorld-eScan: Trojan.Lethic.Gen.14
Tencent: Win32.Trojan.Garrun.Wvko
Ad-Aware: Trojan.Lethic.Gen.14
Sophos: Mal/Wonton-CD
Comodo: TrojWare.Win32.Droma.EQJ@6b1t5k
BitDefenderTheta: AI:Packer.355FBCEE21
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_CRYPTESLA.SMK1
McAfee-GW-Edition: Ransom-Tescrypt!DCC6C00F6632
FireEye: Generic.mg.dcc6c00f66325aa2
Emsisoft: Trojan.Lethic.Gen.14 (B)
Jiangmin: Trojan.Bitman.ik
Webroot: W32.Malware.Gen
Avira: HEUR/AGEN.1128836
eGambit: Unsafe.AI_Score_99%
Kingsoft: Win32.Troj.GenericKD.v.(kcloud)
Microsoft: Trojan:Win32/Lethic.N
Arcabit: Trojan.Lethic.Gen.14
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Lethic.Gen.14
AhnLab-V3: Trojan/Win32.Teslacrypt.R175087
McAfee: Ransom-Tescrypt!DCC6C00F6632
MAX: malware (ai score=80)
VBA32: BScope.Trojan.Agent
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_CRYPTESLA.SMK1
Rising: Trojan.Kryptik!1.A32E (CLOUD)
Yandex: Trojan.Garrun!cakIRB5RiZI
Ikarus: Trojan.Win32.Filecoder
Fortinet: W32/Kryptik.FXWS!tr
AVG: Win32:Dorder-W [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.Lethic.HykCuAEA

How to remove Win32/Kryptik.EOZZ?

Win32/Kryptik.EOZZ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Press “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.