What is “Win32/Kryptik.FNJM”?

Win32/Kryptik.FNJM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Kryptik.FNJM virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Queries information on disks for anti-virtualization via Device Information APIs
  • Executed a process and injected code into it, probably while unpacking
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Attempts to modify proxy settings

How to identify Win32/Kryptik.FNJM?


File Info:

crc32: 7D2AE566
md5: ace0759a96dc79406b53f31d5addf216
name: ACE0759A96DC79406B53F31D5ADDF216.mlw
sha1: 473335c8aef2824ab7981ead31dbf97984a41dc5
sha256: 8ae1716d68cf3862fd8149ac37d9fa49e76cf48ab712992852be890eb5cbf4f8
sha512: 60f69fe0f7898d26e51f81b78f6125f449e4c0eb0363c2d8b963ad9cd8ebc54627a75d3cddce3713dced310abc734c0e05238f14bd668e14c384022775b8cbcb
ssdeep: 3072:xbedwathWUCORMfp/fNJjN25/2MZbI78R2n4XzPOHbXYWb6FwakEzjr6oZu0VPoV:NwwaejNp/lfk2qjhbWXYW2FNjeoZDe2A
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (c) 2006-2014 Hamrick Software
InternalName: CableDemocratization
FileVersion: 2.6.6.4
CompanyName: Hamrick Software
LegalTrademarks: Copyright (c) 2006-2014 Hamrick Software
Comments: Distinct Resolutions Considering Delliss Readers
ProductName: CableDemocratization
Languages: English
ProductVersion: 2.6.6.4
FileDescription: Distinct Resolutions Considering Delliss Readers
OriginalFilename: CableDemocratization.exe
Translation: 0x0409 0x04b0

Win32/Kryptik.FNJM is also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Gen:Variant.Ransom.JaffCrypt.5
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.2589504
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanSpy:Win32/Ursnif.6e4b7c65
K7GW: Trojan ( 00503a991 )
K7AntiVirus: Trojan ( 00503a991 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.FNJM
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan-Spy.Win32.Ursnif.vlk
BitDefender: Gen:Variant.Ransom.JaffCrypt.5
NANO-Antivirus: Trojan.Win32.Ursnif.evfbtr
MicroWorld-eScan: Gen:Variant.Ransom.JaffCrypt.5
Tencent: Win32.Trojan-spy.Ursnif.Lrie
Ad-Aware: Gen:Variant.Ransom.JaffCrypt.5
Sophos: Mal/Generic-S
Comodo: Malware@#zatbhihjis24
F-Secure: Heuristic.HEUR/AGEN.1111822
BitDefenderTheta: Gen:NN.ZexaF.34608.sq0@a0OH!Fmi
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_HPLOCKY.SME
McAfee-GW-Edition: BehavesLike.Win32.Dropper.dc
FireEye: Generic.mg.ace0759a96dc7940
Emsisoft: Gen:Variant.Ransom.JaffCrypt.5 (B)
SentinelOne: Static AI – Suspicious PE
Avira: HEUR/AGEN.1111822
eGambit: Unsafe.AI_Score_99%
Microsoft: VirTool:Win32/Injector
Arcabit: Trojan.Ransom.JaffCrypt.5
AegisLab: Trojan.Win32.Generic.4!c
ZoneAlarm: Trojan-Spy.Win32.Ursnif.vlk
GData: Gen:Variant.Ransom.JaffCrypt.5
McAfee: Artemis!ACE0759A96DC
MAX: malware (ai score=99)
VBA32: BScope.Trojan.Yakes
Malwarebytes: MachineLearning/Anomalous.93%
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_HPLOCKY.SME
Rising: Ransom.Locky!8.1CD4 (CLOUD)
Yandex: TrojanSpy.Ursnif!Am/5poEB+IQ
Ikarus: Trojan.Win32.Crypt
Fortinet: W32/Kryptik.FNJM!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/TrojanPSW.Gozi.HgIASOkA

How to remove Win32/Kryptik.FNJM?

Win32/Kryptik.FNJM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
