Win32/Kryptik.GDXP (file analysis)

Win32/Kryptik.GDXP is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.GDXP virus do?

  • Presents an Authenticode digital signature.
  • The binary likely contains encrypted or compressed data.
  • The Authenticode signature is invalid.
  • Anomalous binary characteristics.

How to identify Win32/Kryptik.GDXP?

File Info:

name: 16C3B5FEB24F65B06EF0.mlw
path: /opt/CAPEv2/storage/binaries/47e5c9f8624abdd33860d59c61de709650b40860e1946e0430a1fe3c06aba7b2
crc32: 836C6956
md5: 16c3b5feb24f65b06ef088eadaf4ac83
sha1: 37cb643ca512a90ef2166c2f3396d10b3f134722
sha256: 47e5c9f8624abdd33860d59c61de709650b40860e1946e0430a1fe3c06aba7b2
sha512: 9a3379149e5d5506e4231176cb1a0978f8a6f23f26c6de734b9efafd32ee7332e817c92d4cb63b786cd32eb16426bbdf31d35c0932e18eea721e29d737025f53
ssdeep: 49152:7DmW2ATnvcO4zyPq3+AQ/R6YVV+0e5LpQ:8A7vcOhPq3+Aa0Y//edK
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E1A59ECA7310EB05C06BF577C8CB0DEA46297E29D892641750C53CFE33B19699EE126E
sha3_384: 7521876f59dfead24ce320b42584d208778361572cf7e4a8f43e54d9d53eb442258d8753ca0f5b473bc53eff88873574
ep_bytes: 80ffffffff685852400068ec2e400064
timestamp: 2018-03-06 04:50:09

Version Info:

CompanyName: McAfee, Inc.
FileDescription: Security Scanner Startup DLL
FileVersion: 3,11,500,0
InternalName: SecurityScanner
LegalCopyright: Copyright © 2016 McAfee, Inc.
OriginalFilename: SecurityScanner.dll
ProductName: McAfee Security Scanner +
ProductVersion: 3,11,0,0
Translation: 0x0409 0x00b0

Win32/Kryptik.GDXP is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware2
Lionic: Hacktool.Win32.Katusha.x!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Autoruns.GenericKD.32175649
FireEye: Generic.mg.16c3b5feb24f65b0
ALYac: Trojan.Autoruns.GenericKD.32175649
Malwarebytes: Malware.AI.1243430108
Zillya: Trojan.Kryptik.Win32.1373432
K7AntiVirus: Trojan ( 0052974b1 )
Alibaba: Trojan:Win32/Katusha.25754e87
K7GW: Trojan ( 0052974b1 )
Cybereason: malicious.eb24f6
BitDefenderTheta: Gen:NN.ZexaF.34084.fA2@a0N8V8hi
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.GDXP
TrendMicro-HouseCall: Trojan.Win32.EKSTAK.SM
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Packed.Win32.Katusha.gen
BitDefender: Trojan.Autoruns.GenericKD.32175649
NANO-Antivirus: Riskware.Win32.BitCoinMiner.eyqjnb
Tencent: Malware.Win32.Gencirc.10c8af30
Ad-Aware: Trojan.Autoruns.GenericKD.32175649
Sophos: ICLoader (PUA)
Comodo: TrojWare.Win32.SpyEyes.BSWP@7k7ll0
DrWeb: Trojan.BtcMine.2428
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Trojan.Win32.EKSTAK.SM
McAfee-GW-Edition: BehavesLike.Win32.Downloader.vc
Emsisoft: Trojan.Autoruns.GenericKD.32175649 (B)
APEX: Malicious
Jiangmin: RiskTool.Generic.ilk
MaxSecure: Trojan.Malware.121218.susgen
Avira: TR/Crypt.XPACK.Gen2
Antiy-AVL: Trojan/Generic.ASMalwS.24F8307
GData: Trojan.Autoruns.GenericKD.32175649
AhnLab-V3: Trojan/Win32.CoinMiner.R222150
Acronis: suspicious
VBA32: BScope.Trojan.BtcMine
MAX: malware (ai score=98)
Rising: Trojan.CoinMiner!1.AFF9 (CLASSIC)
Yandex: Trojan.GenAsa!gIEb810CzWE
SentinelOne: Static AI – Suspicious PE
eGambit: Unsafe.AI_Score_50%
Fortinet: W32/GenKryptik.BSHP!tr
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_80% (W)

How to remove Win32/Kryptik.GDXP?

Win32/Kryptik.GDXP removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.