Categories: Malware

Win32/Kryptik.HAIZ information

The Win32/Kryptik.HAIZ is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Kryptik.HAIZ virus can do?

Executable code extraction
Creates RWX memory
Attempts to repeatedly call a single API many times in order to delay analysis time
Network activity detected but not expressed in API logs

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Win32/Kryptik.HAIZ?


File Info:
crc32: AB74C7B4md5: 45ed48498d907d84573c5620d2da508dname: zFMwJft8bHg0.exesha1: 7ff3d309ad4c23642d8e17be2ba6cd07516b752csha256: 44de1fda3315e9140ee467547a856e9e3c7f5f683b22b852590f69e2327be269sha512: 81d3d8028dd0c2c0a59d7800d9e8b65bf140bd998f0c1f9cce7fab401c1b628db2fecde0370a604e9a55359126d9ede442c13eb1d04f161981a3e96c9d345a1fssdeep: 6144:0T2ZfcAZDQvEL9QdUW1UWKUWV197qo1Dplm:C2ZC8SdUAUHUq19Ooletype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: Copyright (C) 2002InternalName: PromptEdit_DemoFileVersion: 1, 0, 0, 1CompanyName: LegalTrademarks: ProductName: PromptEdit_Demo ApplicationProductVersion: 1, 0, 0, 1FileDescription: PromptEdit_Demo MFC ApplicationOriginalFilename: PromptEdit_Demo.EXETranslation: 0x0409 0x04b0

Win32/Kryptik.HAIZ also known as:

FireEye	Trojan.GenericKD.32958434
McAfee	Emotet-FPC!45ED48498D90
ALYac	Trojan.GenericKD.32958434
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
K7AntiVirus	Trojan ( 0055ef991 )
BitDefender	Trojan.GenericKD.32958434
K7GW	Trojan ( 0055ef991 )
BitDefenderTheta	Gen:NN.ZexaF.34082.uq1@aa!iGaki
F-Prot	W32/Emotet.ANF
Symantec	Trojan Horse
ESET-NOD32	a variant of Win32/Kryptik.HAIZ
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Trojan.Emotet-7545662-0
GData	Trojan.GenericKD.32958434
Kaspersky	UDS:DangerousObject.Multi.Generic
Alibaba	Trojan:Win32/starter.ali1000037
AegisLab	Trojan.Multi.Generic.4!c
Rising	Trojan.GenKryptik!8.AA55 (CLOUD)
Endgame	malicious (high confidence)
Emsisoft	Trojan.Emotet (A)
F-Secure	Trojan.TR/AD.Emotet.jzvhc
DrWeb	Trojan.DownLoader32.49007
TrendMicro	TrojanSpy.Win32.EMOTET.THAAGBO
McAfee-GW-Edition	Emotet-FPC!45ED48498D90
Trapmine	malicious.high.ml.score
Sophos	Mal/Encpk-AOZ
Ikarus	Trojan.Win32.Krypt
Cyren	W32/Emotet.SCYR-7043
Jiangmin	Trojan.Banker.Emotet.ncn
Webroot	W32.Trojan.Emotet
Avira	TR/AD.Emotet.jzvhc
MAX	malware (ai score=87)
Arcabit	Trojan.Generic.D1F6E7E2
AhnLab-V3	Malware/Win32.RL_Generic.R313373
ZoneAlarm	UDS:DangerousObject.Multi.Generic
Microsoft	Trojan:Win32/Emotet.ARJ!MTB
VBA32	BScope.Trojan.Downloader
Ad-Aware	Trojan.GenericKD.32958434
Malwarebytes	Trojan.Emotet
TrendMicro-HouseCall	TrojanSpy.Win32.EMOTET.SMD6.hp
Tencent	Malware.Win32.Gencirc.10b8b478
Fortinet	W32/GenKryptik.ECEO!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_80% (W)
Qihoo-360	Generic/Trojan.a4b