About "Win32/Kryptik.FNYG" infection

The Win32/Kryptik.FNYG is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Kryptik.FNYG virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Attempts to connect to a dead IP:Port (3 unique times)
Creates RWX memory
Performs some HTTP requests
Detects Sandboxie through the presence of a library
Executed a process and injected code into it, probably while unpacking
Attempts to remove evidence of file being downloaded from the Internet
Deletes its original binary from disk
A system process is generating network traffic likely as a result of process injection
Installs itself for autorun at Windows startup
Creates a hidden or system file
Checks the presence of disk drives in the registry, possibly for anti-virtualization
Creates a copy of itself

Related domains:

www.bing.com

www.adobe.com

How to determine Win32/Kryptik.FNYG?


File Info:
crc32: 4E4F7F7C
md5: 3c439ea574e8cd751912fba378172464
name: 3C439EA574E8CD751912FBA378172464.mlw
sha1: bd8afaa106ed5f345577f1e4f5e0cb8d20ae2911
sha256: d58bfb1a84970fd13067a9029da2fe691cf7a07b24364129fb3b06758a744dce
sha512: 2ee98d24238b11636c3bc7c10e7f1a3dc4672baac7d24829337765d36c54bd751988eeb498e84fb84b6be45c884fb6c8ebab60096a38c591ae6b77a67ba7944b
ssdeep: 3072:bhAZmvq3lD++kb6YaCU6qH3SAAWSY35u318RB4k1XTdAG:1hvqlJk2vft3ScSYg3WRDWG
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
LegalCopyright: 2015
InternalName: Wondershare
FileVersion: 3.8.0.3
LegalTrademarks: Wondershare
ProductName: Wondershare DVD Creator Crack UZ1
ProductVersion: 3.8.0.3
FileDescription: Wondershare DVD Creator Crack UZ1
OriginalFilename: DVDCreator.exe
Translation: 0x0409 0x04b0

Win32/Kryptik.FNYG also known as:

Bkav	W32.AIDetect.malware2
K7AntiVirus	Riskware ( 0040eff71 )
Elastic	malicious (high confidence)
Cynet	Malicious (score: 99)
ALYac	Gen:Variant.Ransom.JaffCrypt.5
Cylance	Unsafe
Zillya	Trojan.Kryptik.Win32.1046312
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	Trojan:Win32/Yakes.3a368991
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.574e8c
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.FNYG
APEX	Malicious
Avast	Win32:Malware-gen
Kaspersky	Trojan.Win32.Yakes.shuy
BitDefender	Gen:Variant.Ransom.JaffCrypt.5
NANO-Antivirus	Trojan.Win32.Yakes.elhpbo
MicroWorld-eScan	Gen:Variant.Ransom.JaffCrypt.5
Tencent	Win32.Trojan.Yakes.Lkxn
Ad-Aware	Gen:Variant.Ransom.JaffCrypt.5
Sophos	Mal/Generic-S
BitDefenderTheta	Gen:NN.ZexaF.34142.nq0@aCxOO9hi
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Mal_MiliCry-1h
McAfee-GW-Edition	BehavesLike.Win32.Worm.dh
FireEye	Generic.mg.3c439ea574e8cd75
Emsisoft	Gen:Variant.Ransom.JaffCrypt.5 (B)
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1128643
eGambit	Unsafe.AI_Score_99%
Kingsoft	Win32.Troj.Yakes.sh.(kcloud)
Microsoft	PWS:Win32/Zbot!ml
GData	Gen:Variant.Ransom.JaffCrypt.5
AhnLab-V3	Trojan/Win32.Yakes.C2187508
Acronis	suspicious
McAfee	Artemis!3C439EA574E8
MAX	malware (ai score=100)
VBA32	Trojan.Yakes
Panda	Trj/CI.A
TrendMicro-HouseCall	Mal_MiliCry-1h
Rising	Trojan.Generic@ML.100 (RDML:QS1ST94G2EScbO6ffZO5ew)
Yandex	Trojan.Yakes!vNfX6H+4Xos
Ikarus	Trojan-Ransom.GandCrab
Fortinet	W32/Malicious_Behavior.VEX
AVG	Win32:Malware-gen
Paloalto	generic.ml

How to remove Win32/Kryptik.FNYG?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About “Win32/Kryptik.FNYG” infection