Should I remove “Win32/Kryptik.GTUK”?

Win32/Kryptik.GTUK is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Kryptik.GTUK virus do?

  • Executable code extraction
  • Creates RWX memory
  • Mimics the system’s user agent string for its own requests
  • The binary likely contains encrypted or compressed data.
  • Checks for the presence of known windows from debuggers and forensic tools
  • Exhibits behavior characteristic of Locky ransomware
  • Exhibits possible ransomware file modification behavior
  • Appends a known Locky ransomware file extension to files that have been encrypted
  • Creates a known Locky ransomware decryption instruction / key file.

How to determine Win32/Kryptik.GTUK?


File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (c) 2006-2014 McAfee, Inc.
InternalName: Extresult Sword
FileVersion: 1.5.31.809
CompanyName: McAfee, Inc.
PrivateBuild: 1.5.31.809
Comments: Attribute Studihw Events
ProductName: Extresult Sword
Languages: English
ProductVersion: 1.5.31.809
FileDescription: Attribute Studihw Events
OriginalFilename: Extresult Sword.exe
Translation: 0x0409 0x04b0

Win32/Kryptik.GTUK also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.34427836
FireEye: Generic.mg.add469245111dd8f
Qihoo-360: Win32/Ransom.Locky.HgIASOQA
McAfee: Artemis!ADD469245111
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 00503ae41 )
BitDefender: Trojan.GenericKD.34427836
K7GW: Trojan ( 00503ae41 )
Cybereason: malicious.45111d
BitDefenderTheta: Gen:NN.ZexaF.34608.vq0@ayw97Xfi
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.GTUK
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan-Ransom.Win32.Locky.acoh
Alibaba: Ransom:Win32/generic.ali2000010
NANO-Antivirus: Trojan.Win32.Locky.evfspy
Rising: Ransom.Locky!8.1CD4 (CLOUD)
Ad-Aware: Trojan.GenericKD.34427836
Sophos: Mal/Generic-S
Comodo: Malware@#2pamzhwb3cihg
Zillya: Trojan.Locky.Win32.3297
TrendMicro: Ransom_HPLOCKY.SME
Emsisoft: Trojan.GenericKD.34427836 (B)
Ikarus: Trojan-Spy.Remcos
Avira: HEUR/AGEN.1128804
MAX: malware (ai score=100)
Microsoft: Ransom:Win32/Locky
Arcabit: Trojan.Generic.D20D53BC
ZoneAlarm: Trojan-Ransom.Win32.Locky.acoh
GData: Trojan.GenericKD.34427836
Cynet: Malicious (score: 100)
Acronis: suspicious
VBA32: Trojan-Ransom.Locky
ALYac: Trojan.GenericKD.34427836
Malwarebytes: MachineLearning/Anomalous.96%
Panda: Trj/CI.A
TrendMicro-HouseCall: Ransom_HPLOCKY.SME
Tencent: Win32.Trojan.Locky.Lrii
SentinelOne: Static AI – Suspicious PE
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Kryptik.FNNB!tr
AVG: Win32:Malware-gen
Avast: Win32:Malware-gen
CrowdStrike: win/malicious_confidence_80% (D)

How to remove Win32/Kryptik.GTUK?

Win32/Kryptik.GTUK removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
