
About “Win32/Kryptik.GVSY” infection


Win32/Kryptik.GVSY is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cure of your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.GVSY virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Attempts to execute a PowerShell command with suspicious parameters
  • A process created a hidden window
  • Unconventional language used in binary resources: Hindi
  • The binary likely contains encrypted or compressed data.
  • A scripting utility was executed
  • Attempts to stop active services
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Anomalous binary characteristics

How to identify Win32/Kryptik.GVSY?

File Info:

crc32: B06BFF37
md5: 06021a517db4240301665aa855c0b9ce
name: 06021A517DB4240301665AA855C0B9CE.mlw
sha1: ee783b9b8aedcb57e10280354211aa547cc443d3
sha256: 884e723e1b57bbee3f76c11d4c84fd4e9df3dbdb46c9c37cdc7efa5d118b938a
sha512: f030f12316aebbd803126c34dbc3836f56667cc60f77703e7b2935c21afd138a0c77f6005d8a774e69a23eb789234ac008ef466648bd6b2f2d3ac2ff9ba51272
ssdeep: 6144:4TtDPTZ/ewTAZx3Tls4NDHQjJIJgwmDuIRjTWh0:+tDPTZ/beB/UjJIJfqJX
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Kryptik.GVSY also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0055658e1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.26375
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.Stop.MP4
ALYac: Trojan.Ransom.Sodinokibi
Cylance: Unsafe
Zillya: Trojan.Kryptik.Win32.1769842
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:Win32/Kryptik.ae7cd39c
K7GW: Trojan ( 0055658e1 )
Cybereason: malicious.17db42
Cyren: W32/Kryptik.ACL.gen!Eldorado
Symantec: Packed.Generic.525
ESET-NOD32: a variant of Win32/Kryptik.GVSY
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: Trojan.Win32.Zenpak.iho
BitDefender: Trojan.Autoruns.GenericKD.41620706
NANO-Antivirus: Trojan.Win32.Zenpak.fwkeiv
ViRobot: Backdoor.Win32.Remcos.260096
MicroWorld-eScan: Trojan.Autoruns.GenericKD.41620706
Tencent: Win32.Trojan.Raas.Auto
Ad-Aware: Trojan.Autoruns.GenericKD.41620706
Sophos: Mal/Generic-R + Mal/GandCrab-H
Comodo: Malware@#212ai85dkkkj3
BitDefenderTheta: Gen:NN.ZexaF.34670.uuW@aGOadjkG
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Trojan.Win32.SODINOK.SM.hp
McAfee-GW-Edition: BehavesLike.Win32.Trojan.fh
FireEye: Generic.mg.06021a517db42403
Emsisoft: Trojan.Autoruns.GenericKD.41620706 (B)
SentinelOne: Static AI – Malicious PE
Avira: HEUR/AGEN.1107506
eGambit: Unsafe.AI_Score_98%
Microsoft: Trojan:Win32/Gandcrab.AF
Arcabit: Trojan.Autoruns.Generic.D27B14E2
AegisLab: Trojan.Win32.Autoruns.4!c
GData: Trojan.Autoruns.GenericKD.41620706
AhnLab-V3: Win-Trojan/MalPe23.Suspicious.X2005
Acronis: suspicious
McAfee: Trojan-FRJR!06021A517DB4
MAX: malware (ai score=80)
VBA32: BScope.Trojan.Wacatac
Malwarebytes: Ransom.Sodinokibi
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Trojan.Win32.SODINOK.SM.hp
Rising: Malware.Obscure/Heur!1.9E03 (CLOUD)
Yandex: Trojan.Zenpak!J09nv/whBs0
Ikarus: Trojan.Krypt
MaxSecure: Trojan.Malware.74511783.susgen
Fortinet: W32/Kryptik.GWIV!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.Zenpak.HwoCvIIA

How to remove Win32/Kryptik.GVSY?

Win32/Kryptik.GVSY removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
