Malware

How to remove “Win32/Kryptik.GKSL”?

Malware Removal

The Win32/Kryptik.GKSL is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Win32/Kryptik.GKSL virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventionial language used in binary resources: Turkish
  • The binary likely contains encrypted or compressed data.
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to determine Win32/Kryptik.GKSL?


File Info:

crc32: 33F83472
md5: 58c9f86ab230cb36c13a785d4ef91477
name: 58C9F86AB230CB36C13A785D4EF91477.mlw
sha1: 0f7d794751adf63762900a48f271a452ae3a70c6
sha256: 888a64f6cc2d1bba8e1e450ff3cfcc227d2af03d58184f4a31e6dac54e8ca215
sha512: cdfc13c230a2d4cb9df3f9b80a61975f62f5274ab4dbd26f3be452ced8a3eb6a2a94a5709bddd94162f0f66ad73c1039f02edb6402cab23ca19ef2be012ce154
ssdeep: 3072:Svy6G9O+9Una+VjxzaMc4+ZsCNQz9ZQJOACuKLj69qVveX2Och:6y6G4VaE5espzXvACHLOI0X2Och
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

InternalName: sdafsdgsfdg.exe
FileVersion: 1.0.0.1
Translation: 0x0809 0x04b0

Win32/Kryptik.GKSL also known as:

BkavW32.AIDetect.malware1
K7AntiVirusTrojan ( 0053d5971 )
Elasticmalicious (high confidence)
DrWebTrojan.PWS.Stealer.24403
CynetMalicious (score: 100)
ALYacTrojan.Ransom.GandCrab
CylanceUnsafe
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_100% (D)
AlibabaRansom:Win32/GandCrypt.002002
K7GWTrojan ( 0053d5971 )
Cybereasonmalicious.ab230c
CyrenW32/Kryptik.IF.gen!Eldorado
SymantecPacked.Generic.525
ESET-NOD32a variant of Win32/Kryptik.GKSL
APEXMalicious
AvastWin32:PWSX-gen [Trj]
ClamAVWin.Dropper.Gandcrab-6683447-0
KasperskyTrojan-Ransom.Win32.GandCrypt.ewm
BitDefenderTrojan.BRMon.Gen.4
NANO-AntivirusTrojan.Win32.GandCrypt.fhowan
SUPERAntiSpywareRansom.GandCrab/Variant
MicroWorld-eScanTrojan.BRMon.Gen.4
TencentWin32.Trojan.Gandcrypt.Syij
Ad-AwareTrojan.BRMon.Gen.4
SophosML/PE-A + Mal/GandCrab-B
ComodoTrojWare.Win32.TrojanSpy.Ursnif.EM@7vyz23
BitDefenderThetaGen:NN.ZexaF.34670.ku0@aORCHMfG
VIPRETrojan.Win32.Generic!BT
TrendMicroTrojanSpy.Win32.URSNIF.SMKB.hp
McAfee-GW-EditionBehavesLike.Win32.Generic.cc
FireEyeGeneric.mg.58c9f86ab230cb36
EmsisoftTrojan.BRMon.Gen.4 (B)
SentinelOneStatic AI – Malicious PE
AviraHEUR/AGEN.1106537
eGambitUnsafe.AI_Score_99%
MicrosoftTrojan:Win32/Predator!ml
ArcabitTrojan.BRMon.Gen.4
AegisLabTrojan.Win32.GandCrypt.4!c
GDataWin32.Trojan-Ransom.GandCrab.O
AhnLab-V3Win-Trojan/MalPe34.Suspicious.X2029
Acronissuspicious
McAfeePacked-FLX!58C9F86AB230
MAXmalware (ai score=100)
VBA32BScope.Trojan.Fuerboos
MalwarebytesTrojan.MalPack.GS
PandaTrj/Genetic.gen
TrendMicro-HouseCallTrojanSpy.Win32.URSNIF.SMKB.hp
RisingTrojan.Vigorf!8.EAEA (CLOUD)
IkarusTrojan.Crypt
FortinetW32/Kryptik.GKSY!tr
AVGWin32:PWSX-gen [Trj]
Paloaltogeneric.ml
Qihoo-360Win32/Ransom.GandCrab.HwoCEpsA

How to remove Win32/Kryptik.GKSL?

Win32/Kryptik.GKSL removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment