Win32/Kryptik.GTKF malicious file

The Win32/Kryptik.GTKF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Kryptik.GTKF virus can do?

Executable code extraction
Creates RWX memory
A process attempted to delay the analysis task.
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
Steals private information from local Internet browsers
Collects information about installed applications
Checks the CPU name from registry, possibly for anti-virtualization
Harvests credentials from local FTP client softwares
Harvests information related to installed instant messenger clients
Harvests information related to installed mail clients
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

bestbtcchange.com

ip-api.com

How to determine Win32/Kryptik.GTKF?


File Info:
crc32: FD758DF0
md5: c4d54ae0e5f00661523f777c77a234e0
name: C4D54AE0E5F00661523F777C77A234E0.mlw
sha1: af2a2f30b69295d6916c9db190c2916f3f357edc
sha256: 8c18ee53f738c160e6d943af79a2810b8bcd8160c7e975351602df691f017aa3
sha512: fc3d011baed1b6b59b7d6cd20ac84def406ac7a4a2440a292acf631479f8a0eee1c5778808f16cddeb6612d44dad512d49505551648c6e19e0bf505404e626dc
ssdeep: 12288:G7QY/stL2JSKADw4ZorfmYqjjkrkrPbZVUaViIXlEIRbK:GMMYeqDw4ZoFgjWQEP
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Win32/Kryptik.GTKF also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Riskware ( 0040eff71 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Siggen8.29188
Cynet	Malicious (score: 100)
ALYac	Trojan.BRMon.Gen.4
Cylance	Unsafe
Zillya	Trojan.Generic.Win32.833609
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Ransom:Win32/GandCrab.f9fac5b5
K7GW	Riskware ( 0040eff71 )
Cybereason	malicious.0e5f00
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.GTKF
APEX	Malicious
Avast	Win32:CrypterX-gen [Trj]
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Trojan.BRMon.Gen.4
NANO-Antivirus	Trojan.Win32.Chapak.fqpjsh
SUPERAntiSpyware	Hack.Tool/Gen-BitCoinMiner
MicroWorld-eScan	Trojan.BRMon.Gen.4
Tencent	Win32.Trojan.Chapak.Szuz
Ad-Aware	Trojan.BRMon.Gen.4
Sophos	Mal/Generic-S + Mal/GandCrab-G
Comodo	TrojWare.Win32.Ransom.GandCrab.ASA@8bmkty
BitDefenderTheta	Gen:NN.ZexaF.34770.LyW@a8AOtKb
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Trojan.Win32.SODINOK.SM.hp
McAfee-GW-Edition	Sodinokibi!C4D54AE0E5F0
FireEye	Generic.mg.c4d54ae0e5f00661
Emsisoft	Trojan.BRMon.Gen.4 (B)
Jiangmin	Trojan.Chapak.dqm
Avira	HEUR/AGEN.1136564
eGambit	Unsafe.AI_Score_98%
Antiy-AVL	Trojan/Generic.ASMalwS.2BAB757
Microsoft	Ransom:Win32/GandCrab.AF!MTB
AegisLab	Trojan.Win32.NeutrinoPOS.4!c
GData	Trojan.BRMon.Gen.4
AhnLab-V3	Malware/Win32.Generic.R273844
Acronis	suspicious
McAfee	Sodinokibi!C4D54AE0E5F0
VBA32	BScope.TrojanBanker.NeutrinoPOS
Malwarebytes	Trojan.MalPack.GS.Generic
Panda	Trj/GdSda.A
TrendMicro-HouseCall	Trojan.Win32.SODINOK.SM.hp
Rising	Trojan.Generic@ML.86 (RDML:3cgptN1kxUuHxHz1UexhxQ)
Yandex	Trojan.Chapak!hCKv3A2pUhw
Ikarus	Trojan.Win32.Crypt
MaxSecure	Trojan.Malware.74345216.susgen
Fortinet	W32/GenKryptik.DJEQ!tr
AVG	Win32:CrypterX-gen [Trj]
Paloalto	generic.ml
Qihoo-360	Win32/Trojan.Generic.HgIASOMA

How to remove Win32/Kryptik.GTKF?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Win32/Kryptik.GTKF malicious file