What is "Win32/Kryptik.HCGY"?

The Win32/Kryptik.HCGY is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Kryptik.HCGY virus can do?

Executable code extraction
Compression (or decompression)
Creates RWX memory
Unconventionial language used in binary resources: Arabic (Egypt)
Attempts to access Bitcoin/ALTCoin wallets
Harvests information related to installed instant messenger clients

Related domains:

2ip.ua

frankinshteyn.ru

How to determine Win32/Kryptik.HCGY?


File Info:
crc32: 09EB0B01
md5: 2e67fb98e5b6aa682a383c2b47c7bf8e
name: 2E67FB98E5B6AA682A383C2B47C7BF8E.mlw
sha1: fe2793b4b84be11a8be7ac1e454cbbcf413ddafa
sha256: 3cd2ecb72177621242168eb36ee23e03bd054dc82f8c11b394d69bbd8c86b743
sha512: cae0c6a04c4d5d0bfb6e079fa5e86200b61f89ea01be6a1839564bfea75f34fb26b6cc73ec7d788ee25e8c25393dde3c6cdda256c96db7b17b858e92b591ecd6
ssdeep: 6144:2ovFUihsXa5Nflk6Tv3eg4YTet4SWWLk5:2ovFb6GT3DSDg
type: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows

Version Info:
0: [No Data]

Win32/Kryptik.HCGY also known as:

Bkav	W32.AIDetectVM.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.GenericKD.45002262
McAfee	RDN/Generic PWS.y
Cylance	Unsafe
AegisLab	Trojan.Win32.Tepfer.i!c
Sangfor	Malware
CrowdStrike	win/malicious_confidence_70% (D)
BitDefender	Trojan.GenericKD.45002262
K7GW	Trojan ( 00563b091 )
K7AntiVirus	Trojan ( 00563b091 )
Arcabit	Trojan.Generic.D2AEAE16
Cyren	W32/Trojan.CHUK-0217
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HCGY
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Trojan-PSW.Win32.Tepfer.psyvnp
Alibaba	TrojanPSW:Win32/Tepfer.d85d2678
NANO-Antivirus	Virus.Win32.Gen.ccmw
Rising	Trojan.Generic@ML.99 (RDMK:gQ1IBqjPZbkEhkYTN3CbFg)
Ad-Aware	Trojan.GenericKD.45002262
Sophos	Mal/Generic-S
F-Secure	Trojan.TR/Crypt.XPACK.Gen
DrWeb	Trojan.Carberp.2630
McAfee-GW-Edition	BehavesLike.Win32.Generic.bt
FireEye	Generic.mg.2e67fb98e5b6aa68
Emsisoft	Trojan.GenericKD.45002262 (B)
Ikarus	Trojan.Win32.Crypt
Avira	TR/Crypt.XPACK.Gen
MAX	malware (ai score=84)
Kingsoft	Win32.Troj.Undef.(kcloud)
Microsoft	Trojan:Win32/Ymacco.AA3C
ZoneAlarm	Trojan-PSW.Win32.Tepfer.psyvnp
GData	Trojan.GenericKD.45002262
Cynet	Malicious (score: 100)
Acronis	suspicious
VBA32	BScope.Trojan.Waldek
ALYac	Spyware.PWS.Tepfer.Gen
TACHYON	Trojan-PWS/W32.Tepfer.775680.D
Malwarebytes	Spyware.Taurus
Panda	Trj/CI.A
TrendMicro-HouseCall	TROJ_GEN.R002H0CLE20
Tencent	Win32.Trojan.Crypt.Html
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Kryptik.HCGY!tr
BitDefenderTheta	Gen:NN.ZexaF.34688.VuW@aOAQQuaG
AVG	Win32:BankerX-gen [Trj]
Cybereason	malicious.4b84be
Avast	Win32:BankerX-gen [Trj]
Qihoo-360	Win32/Trojan.PSW.9ee

How to remove Win32/Kryptik.HCGY?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

What is “Win32/Kryptik.HCGY”?