Win32/Kryptik.GHFR information

The Win32/Kryptik.GHFR is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Kryptik.GHFR virus can do?

Executable code extraction
Creates RWX memory
The binary likely contains encrypted or compressed data.
Crashed cuckoomon during analysis. Report this error to the Github repo.
Network activity detected but not expressed in API logs
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Win32/Kryptik.GHFR?


File Info:
crc32: 92E33999
md5: 944b1811ebcd1568f04cd5f64d138fe3
name: 944B1811EBCD1568F04CD5F64D138FE3.mlw
sha1: 06069e6a781f57831418b2c5e1bf031827f946c7
sha256: 500049dcd362d550436d1c6fa6495369651d0efe931f9b43391fb0d4834c74fb
sha512: c5aa4f7fc49da434437d5588a5930f6dafe40801af0ed511e152e0ee445e20dd9226b0e84b7ce3911e43a076191814cafd6282991ba35eec525434b6a30559c1
ssdeep: 3072:Q9iJ4khMeQ+AwV5H3mkrrTUoD/1EWrzXG1Vag7DONNt4/6eQHtV9nLKJs+qxnTDd:T4L+TXfEG7LmKNNte6eQNzLKGndTTq+3
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Win32/Kryptik.GHFR also known as:

Bkav	W32.AIDetect.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.Ransom.GandCrab.Gen.2
FireEye	Generic.mg.944b1811ebcd1568
CAT-QuickHeal	Trojan.Cloxer.A06
McAfee	Trojan-FPPS!944B1811EBCD
Cylance	Unsafe
Zillya	Trojan.GandCrypt.Win32.250
Sangfor	Trojan.Win32.Save.a
K7AntiVirus	Trojan ( 0001140e1 )
BitDefender	Trojan.Ransom.GandCrab.Gen.2
K7GW	Trojan ( 0001140e1 )
Cybereason	malicious.1ebcd1
Cyren	W32/S-184acebd!Eldorado
Symantec	Packed.Generic.525
APEX	Malicious
Avast	FileRepMalware
ClamAV	Win.Ransomware.Gandcrab-6749155-0
Kaspersky	HEUR:Trojan.Win32.Generic
NANO-Antivirus	Trojan.Win32.GandCrypt.fczens
ViRobot	Trojan.Win32.GandCrab.Gen.A
AegisLab	Trojan.Win32.GandCrypt.j!c
Tencent	Malware.Win32.Gencirc.10b16bf5
Ad-Aware	Trojan.Ransom.GandCrab.Gen.2
Emsisoft	Trojan.Ransom.GandCrab.Gen.2 (B)
Comodo	TrojWare.Win32.Magniber.FGH@7nyazg
F-Secure	Heuristic.HEUR/AGEN.1103299
DrWeb	Trojan.Encoder.24384
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom.Win32.GANDCRAB.SMLA.hp
McAfee-GW-Edition	BehavesLike.Win32.Generic.cc
Sophos	Mal/Generic-R + Mal/Agent-AUL
Ikarus	Trojan.Crypt
Jiangmin	Trojan.GandCrypt.dt
MaxSecure	Ransomeware.GandCrypt.Gen
Avira	HEUR/AGEN.1103299
MAX	malware (ai score=100)
Antiy-AVL	Trojan[Ransom]/Win32.GandCrypt
Microsoft	Trojan:Win32/GandCrypt.DSK!MTB
Arcabit	Trojan.Ransom.GandCrab.Gen.2
SUPERAntiSpyware	Trojan.Agent/Gen-Kryptik
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Trojan.Ransom.GandCrab.Gen.2
Cynet	Malicious (score: 100)
AhnLab-V3	Win-Trojan/Gandcrab.Exp
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZexaF.34590.lyX@aaufE2gi
ALYac	Trojan.Ransom.GandCrab.Gen.2
TACHYON	Ransom/W32.GandCrab
VBA32	BScope.TrojanRansom.GandCrypt
Malwarebytes	Trojan.MalPack
Panda	Trj/Genetic.gen
ESET-NOD32	a variant of Win32/Kryptik.GHFR
TrendMicro-HouseCall	Ransom.Win32.GANDCRAB.SMLA.hp
Rising	Trojan.Kryptik!1.B2AC (CLOUD)
Yandex	Trojan.GenAsa!Ukb07rQNM5E
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/GenKryptik.CNAR!tr
AVG	FileRepMalware
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (D)
Qihoo-360	Win32/Trojan.Ransom.0ba

How to remove Win32/Kryptik.GHFR?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Win32/Kryptik.GHFR information