What is “Win32/Kryptik.FZXA”?

Win32/Kryptik.FZXA is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Kryptik.FZXA virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Anomalous binary characteristics

How to identify Win32/Kryptik.FZXA?

File Info:

crc32: 0C5FEA60
md5: cd0717b9b3bed0a867d1bb336b4e3435
name: CD0717B9B3BED0A867D1BB336B4E3435.mlw
sha1: 37fbcdc20fc34dd8c1b92edca38564dff870de95
sha256: 013dbddaecc4f28bf053ce1643c4acdc992b74d1fe7d53c76419a28804dd7ac8
sha512: 5cf90793eb1125e6c6adf28fd2c4be412a4febc3d5649c443f8a44800dafbd7db8dc81ddc8d12132c6a616334e196b171792bad543fa35dc958f0cd325889453
ssdeep: 3072:SjHRfBsOxEwETLtnEivJutqGrFwk3hy26zyKLWkG:SjHRpzSwCLtn1k3hy2iyo3G
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2020
ProductVersion: 1.0.0.1
OriginalFilename: hpqhvsei.dll
Translation: 0x0804 0x04b0

Win32/Kryptik.FZXA is also known as (vendor, then detection name):

Bkav                  W32.AIDetectVM.malware2
MicroWorld-eScan      Gen:Variant.Graftor.487949
FireEye               Generic.mg.cd0717b9b3bed0a8
McAfee                Artemis!CD0717B9B3BE
ALYac                 Gen:Variant.Graftor.487949
Sangfor               Malware
CrowdStrike           win/malicious_confidence_80% (D)
BitDefender           Gen:Variant.Graftor.487949
Symantec              ML.Attribute.HighConfidence
APEX                  Malicious
GData                 Gen:Variant.Graftor.487949
Kaspersky             Trojan.Win32.Siscos.aayj
Alibaba               Backdoor:Win32/Kryptik.3a24977e
Tencent               Win32.Trojan.Siscos.Syhr
Emsisoft              Gen:Variant.Graftor.487949 (B)
Comodo                Malware@#d9n4b4sjuj5
F-Secure              Trojan.TR/Crypt.Agent.dhwqp
Ikarus                Trojan.Win32.Crypt
Avira                 TR/Crypt.Agent.dhwqp
MAX                   malware (ai score=89)
Arcabit               Trojan.Graftor.D7720D
ZoneAlarm             Trojan.Win32.Siscos.aayj
Microsoft             Trojan:Win32/Wacatac.C!ml
Cynet                 Malicious (score: 85)
Ad-Aware              Gen:Variant.Graftor.487949
ESET-NOD32            a variant of Win32/Kryptik.FZXA
TrendMicro-HouseCall  TROJ_GEN.R002H09G420
Rising                Trojan.Kryptik!8.8 (CLOUD)
Fortinet              W32/Kryptik.FZXA!tr
BitDefenderTheta      Gen:NN.ZedlaF.34130.ju8@aOU4fShj
Paloalto              generic.ml
Qihoo-360             Trojan.Generic

How to remove Win32/Kryptik.FZXA?

Win32/Kryptik.FZXA removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
