About “Win32/Kryptik.GJRD” infection

Win32/Kryptik.GJRD is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.GJRD virus do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventional language used in binary resources: Czech
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Checks the CPU name from registry, possibly for anti-virtualization

How to determine Win32/Kryptik.GJRD?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2017, cixacpgola
FileVersion: 8.4.3.12

Win32/Kryptik.GJRD also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0053a0511 )
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Stealer.24300
CAT-QuickHeal: Trojan.Mauvaise.SL1
ALYac: Trojan.Ransom.GandCrab
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
BitDefender: Gen:Variant.Razy.812744
K7GW: Trojan ( 0053a0511 )
Cybereason: malicious.dc1253
Symantec: Packed.Generic.525
ESET-NOD32: a variant of Win32/Kryptik.GJRD
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
Alibaba: Trojan:Win32/Kryptik.2fe41c84
NANO-Antivirus: Trojan.Win32.GandCrypt.fifeuo
ViRobot: Trojan.Win32.R.Agent.313344.M
MicroWorld-eScan: Gen:Variant.Razy.812744
Ad-Aware: Gen:Variant.Razy.812744
Sophos: Mal/Generic-S + Mal/GandCrab-G
Comodo: TrojWare.Win32.Crypt.ACE@7wfy01
F-Secure: Heuristic.HEUR/AGEN.1103322
BitDefenderTheta: Gen:NN.ZexaF.34670.tu0@aCCr90nG
TrendMicro: Mal_HPGen-50
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
FireEye: Generic.mg.1271f7bdc1253f8c
Emsisoft: Gen:Variant.Razy.812744 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.blcud
Webroot: W32.Adware.Installcore
Avira: HEUR/AGEN.1103322
eGambit: Unsafe.AI_Score_96%
Antiy-AVL: Trojan[Ransom]/Win32.GandCrypt
SUPERAntiSpyware: Trojan.Agent/Gen-Kryptik
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Win32.Trojan-Ransom.GandCrab.N
AhnLab-V3: Win-Trojan/MalPe34.Suspicious.X2029
Acronis: suspicious
VBA32: Trojan.Fuerboos
Malwarebytes: Malware.AI.3626873827
TrendMicro-HouseCall: Mal_HPGen-50
Tencent: Win32.Trojan.Generic.Dwjh
Yandex: Trojan.GenAsa!oSjEHxLwVSw
Ikarus: Trojan.Crypt
MaxSecure: Ransomeware.CRAB.gen
Fortinet: W32/Kryptik.GKJF!tr
Panda: Trj/GdSda.A
Qihoo-360: Win32/Trojan.Generic.HwoCEpsA

How to remove Win32/Kryptik.GJRD?

Win32/Kryptik.GJRD removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.