About "Win32/Kryptik.FMZJ" infection

The Win32/Kryptik.FMZJ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Kryptik.FMZJ virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
The binary likely contains encrypted or compressed data.
Executed a process and injected code into it, probably while unpacking
Attempts to repeatedly call a single API many times in order to delay analysis time

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Win32/Kryptik.FMZJ?


File Info:
crc32: 33CA281C
md5: a26adeb90f9fa8c3e482dfa70f761b81
name: A26ADEB90F9FA8C3E482DFA70F761B81.mlw
sha1: 15bb15028a3b52b66ed5e9969f1806c51635265a
sha256: 3579bb831d423f0d0e094f70ba3a7f510c387d5b2c238e57c90c9ee3f8ed83f8
sha512: 7895a50702127715f825ccf0bc07922c3d01bc48fa5c931891c02f0aaf9fd36e947b5f069b67cd262cdda74b1c0bb53887e2b2b1937544a5f8e5ef629afa142f
ssdeep: 12288:7yE7/Hc+dX63wUZnuq6sYHKmIPFZK/d4p+Fcs1n3arUnJL1mosFSAMw4Blp6E/CC:7yE7/Hc+dX63pZQ7I9ZyPP1qry33sXMZ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Assembly Version: 5.1.72.934
LegalCopyright: Copyright xa9Skype Technologies S.A. 2016  All rights reserved.
InternalName: Authenticode
FileVersion: 5.1.72.934
CompanyName: Skype Technologies S.A.
FileDescription: Interventions Font Misguided Cmyk
LegalTrademarks: Copyright xa9Skype Technologies S.A. 2016  All rights reserved.
Comments: Interventions Font Misguided Cmyk
ProductName: Authenticode
Languages: English
ProductVersion: 5.1.72.934
PrivateBuild: 5.1.72.934
OriginalFilename: Authenticode
Translation: 0x0409 0x04b0

Win32/Kryptik.FMZJ also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Trojan ( 005027011 )
Lionic	Trojan.Win32.Generic.4!c
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen7.23235
Cynet	Malicious (score: 100)
ALYac	Gen:Variant.Ransom.Shade.27
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Trojan ( 005027011 )
Cybereason	malicious.90f9fa
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.FMZJ
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	Trojan.Win32.Yakes.uwbp
BitDefender	Gen:Variant.Ransom.Shade.27
NANO-Antivirus	Trojan.Win32.Yakes.evdsmh
MicroWorld-eScan	Gen:Variant.Ransom.Shade.27
Tencent	Win32.Trojan.Yakes.Lkni
Ad-Aware	Gen:Variant.Ransom.Shade.27
Sophos	Mal/Generic-S
Comodo	Malware@#cxodppmeu1bn
BitDefenderTheta	Gen:NN.ZexaF.34104.Vq0@aqmzP8oi
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Mal_MiliCry-1c
McAfee-GW-Edition	BehavesLike.Win32.TrojanAitInject.bc
FireEye	Generic.mg.a26adeb90f9fa8c3
Emsisoft	Gen:Variant.Ransom.Shade.27 (B)
SentinelOne	Static AI – Malicious PE
Avira	TR/AD.MalwareCrypter.uppvh
eGambit	Unsafe.AI_Score_99%
Microsoft	Trojan:Win32/Tiggre!rfn
GData	Gen:Variant.Ransom.Shade.27
AhnLab-V3	Trojan/Win32.Yakes.C2366627
McAfee	Artemis!A26ADEB90F9F
MAX	malware (ai score=99)
VBA32	BScope.Trojan.Yakes
Malwarebytes	Malware.AI.4258149537
Panda	Trj/CI.A
TrendMicro-HouseCall	Mal_MiliCry-1c
Rising	Trojan.Generic@ML.100 (RDML:rLQfLB+3R3ijCA+MZc9b9g)
Yandex	Trojan.Yakes!AQXypH4sRco
Ikarus	Trojan.Win32.Crypt
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Kryptik.FQUM!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Win32/Kryptik.FMZJ?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “Win32/Kryptik.FMZJ” infection