Categories: Malware

Win32/Kryptik.GYYN information

Win32/Kryptik.GYYN is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

What can the Win32/Kryptik.GYYN virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • A process created a hidden window
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Network activity contains more than one unique useragent.
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

Related domains:

gg-clean.hk

How to determine Win32/Kryptik.GYYN?


File Info:

crc32: B5B5E69C
md5: 95f1396235e635d68f335d0471be8590
name: kiskis.exe
sha1: c488c31df86ef0b93b14e9abc6c93f0ab4e01804
sha256: 33ad5b9b63a4d4d073bc25ca56a825d1c6a04bcdeeb9dae6edab99693fcf3590
sha512: e2a156fce1b8869c0f68f0b4806098c47e14f51fa887dad1d3298b5b1320452564e17e79980a822b1bc165770fa2f49390593e650077d76e15f4db0e5c2e517a
ssdeep: 6144:8sWKJLypvr8LFgAW4tGw8sGzckgMdh0Tl9:tMJ8LFhN828dhY
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0219 0x04e4

Win32/Kryptik.GYYN also known as:

DrWeb Trojan.Siggen8.58570
MicroWorld-eScan Trojan.GenericKD.32769107
McAfee RDN/Generic.rp
Cylance Unsafe
Sangfor Malware
K7AntiVirus Trojan ( 003c36381 )
BitDefender Trojan.GenericKD.32769107
K7GW Trojan ( 003c36381 )
Cybereason malicious.df86ef
BitDefenderTheta Gen:NN.ZexaF.32515.su0@aSHniDh
Symantec ML.Attribute.HighConfidence
APEX Malicious
Paloalto generic.ml
ClamAV Win.Packed.Tofsee-7413745-0
GData Trojan.GenericKD.32769107
Kaspersky Trojan-Downloader.Win32.Upatre.ihdv
Alibaba TrojanDownloader:Win32/Upatre.24774ed4
AegisLab Trojan.Multi.Generic.4!c
Rising Trojan.Generic@ML.100 (RDMK:3qeApCfO2VqVHeQwRlWNug)
Ad-Aware Trojan.GenericKD.32769107
Sophos Mal/Generic-S
Invincea heuristic
McAfee-GW-Edition BehavesLike.Win32.MultiPlug.dc
Trapmine malicious.high.ml.score
FireEye Generic.mg.95f1396235e635d6
SentinelOne DFI – Malicious PE
Cyren W32/Trojan.TPXH-4026
Jiangmin TrojanDownloader.Bandit.ayc
Endgame malicious (high confidence)
Arcabit Trojan.Generic.D1F40453
ZoneAlarm Trojan-Downloader.Win32.Upatre.ihdv
Microsoft Trojan:Win32/GandCrypt.GE!MTB
Acronis suspicious
VBA32 Malware-Cryptor.Limpopo
ALYac Trojan.GenericKD.32769107
MAX malware (ai score=83)
Malwarebytes Trojan.MalPack.GS
Panda Trj/GdSda.A
ESET-NOD32 a variant of Win32/Kryptik.GYYN
Ikarus Trojan.Win32.Crypt
MaxSecure Trojan.Malware.300983.susgen
Fortinet W32/Malicious_Behavior.VEX
AVG FileRepMalware
CrowdStrike win/malicious_confidence_90% (W)
Qihoo-360 Win32/Trojan.Downloader.fdd

How to remove Win32/Kryptik.GYYN?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
