Win32/Kryptik.FUUE information

Win32/Kryptik.FUUE is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.FUUE virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process created a hidden window
  • Uses Windows utilities for basic functionality
  • Attempts to modify desktop wallpaper
  • Exhibits behavior characteristic of Cerber ransomware
  • Attempts to execute a binary from a dead or sinkholed URL
  • Writes a potential ransom message to disk
  • Attempts to modify proxy settings
  • Attempts to access Bitcoin/ALTCoin wallets
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to identify Win32/Kryptik.FUUE?


File Info:

crc32: 07C5268F
md5: 0fc79ca56e1559698417b0eeddf4ee4e
name: 0FC79CA56E1559698417B0EEDDF4EE4E.mlw
sha1: 48fd92c55364dc998dd62484917f774b323e66aa
sha256: 2820f31c14648684aaf1196f777078c9123f50714ceb67c48395196cc80d317e
sha512: 9a48a164855159a8de0694740efec436c94663c0a3a63fac92f11e29c0c08f7ca40d084e94c8a93f1e365ab7d2ba4d7ef9a4bfe4915912f853790135ab81db62
ssdeep: 6144:I0+srCoKmxsg9RfnCO5A3BtiW0cJrWbPlv9lClwBwrvaaVzsQ:I1srFzRK26c9io4vNQQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2008-2010 ashampoo Technology GmbH Co. KG
InternalName: Cancel Autoplay 2
FileVersion: 2.0.0.0
CompanyName: Ashampoo
FileDescription: Cancel Autoplay 2
Translation: 0x0409 0x04b0

Win32/Kryptik.FUUE also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005224381 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.4691
Cynet: Malicious (score: 100)
ALYac: Trojan.Mint.Zamg.O
Cylance: Unsafe
Zillya: Trojan.Zerber.Win32.3265
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Ransom:Win32/generic.ali2000010
K7GW: Trojan ( 004ec6241 )
Cybereason: malicious.56e155
Cyren: W32/Cerber.CDRQ-7963
Symantec: Packed.Generic.459
ESET-NOD32: a variant of Win32/Kryptik.FUUE
APEX: Malicious
Avast: Win32:Filecoder-BG [Trj]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Mint.Zamg.O
NANO-Antivirus: Trojan.Win32.Zerber.eqdqfq
MicroWorld-eScan: Trojan.Mint.Zamg.O
Tencent: Malware.Win32.Gencirc.10b5e477
Ad-Aware: Trojan.Mint.Zamg.O
Sophos: ML/PE-A + Mal/Cerber-K
Comodo: Malware@#qyup50o49ftq
BitDefenderTheta: Gen:NN.ZexaF.34608.Fq0@a4CAAYci
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_HPCERBER.SMALY5A
McAfee-GW-Edition: BehavesLike.Win32.Ransomware.hh
FireEye: Generic.mg.0fc79ca56e155969
Emsisoft: Trojan.Mint.Zamg.O (B)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1129194
eGambit: Unsafe.AI_Score_100%
Microsoft: Ransom:Win32/Cerber
Arcabit: Trojan.Mint.Zamg.O
AegisLab: Trojan.Win32.Generic.4!c
GData: Trojan.Mint.Zamg.O
TACHYON: Ransom/W32.Cerber.523776
AhnLab-V3: Win-Trojan/Cerber.Exp
Acronis: suspicious
McAfee: Ransomware-GBN!0FC79CA56E15
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Encoder
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_HPCERBER.SMALY5A
Rising: Trojan.Kryptik!1.AD41 (CLASSIC)
Yandex: Trojan.GenKryptik!pPqCsgk5YCk
Ikarus: Trojan.Win32.Crypt
Fortinet: W32/Zamg.O!tr
AVG: Win32:Filecoder-BG [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Filecoder.HxQBmScA

How to remove Win32/Kryptik.FUUE?

Win32/Kryptik.FUUE removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
