Categories: Malware

Win32/Kryptik.HFPA information

The Win32/Kryptik.HFPA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Kryptik.HFPA virus can do?

Executable code extraction
Creates RWX memory
Reads data out of its own binary image
HTTP traffic contains suspicious features which may be indicative of malware related traffic
Performs some HTTP requests
The binary likely contains encrypted or compressed data.

Related domains:

z.whorecord.xyz

a.tomx.xyz

r4—sn-4g5e6nl6.gvt1.com

update.googleapis.com

redirector.gvt1.com

r1—sn-4g5ednsr.gvt1.com

How to determine Win32/Kryptik.HFPA?


File Info:
crc32: 41A85BFAmd5: 1c2fb4cc6eeebd6e5f72fb81dfe18a04name: upload_filesha1: a464f091d1e6f7572facbe72cc1f296042a09ec2sha256: ca1c5215e18af0875f7ed0c0fb4c86e2e427df05533601f7f51bdef6f57a85ecsha512: 087b33d99f2b95e0c165b34ac0a5f94a2c58313b55ec80f110023ccbaf8b49d34bfe7d817bcf28f2d8d6c804528d385d3ef9f0f48f971763920f7738af83a785ssdeep: 12288:5JVyZoTyeGhgVH+RJAOyQkNvOzxTjk8S+yGHCm2yVX:5bymOeGhu+3R2OtTI8SEHzbBtype: PE32 executable (GUI) Intel 80386, for MS Windows
Version Info:
LegalCopyright: Copyright (C) 2003InternalName: Microsoft SQL Server is a registered trademark of Microsoft Corporation.FileVersion: 1, 0, 0, 1CompanyName: PrivateBuild: LegalTrademarks: Comments: ProductName: Microsoft SQL Server is a registered trademark of Microsoft Corporation.SpecialBuild: ProductVersion: 1, 0, 0, 1FileDescription: Microsoft SQL Server is a registered trademark of Microsoft Corporation.OriginalFilename: Microsoft SQL Server is a registered trademark of Microsoft Corporation..EXETranslation: 0x0409 0x04b0

Win32/Kryptik.HFPA also known as:

Bkav	W32.AIDetectVM.malware2
Elastic	malicious (high confidence)
DrWeb	Trojan.Packed.140
MicroWorld-eScan	Trojan.GenericKD.43688826
FireEye	Generic.mg.1c2fb4cc6eeebd6e
CAT-QuickHeal	Trojan.Ludicrouz
McAfee	Emotet-FRV!1C2FB4CC6EEE
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
K7AntiVirus	Trojan ( 0056cba81 )
BitDefender	Trojan.GenericKD.43688826
K7GW	Trojan ( 0056cba81 )
CrowdStrike	win/malicious_confidence_60% (W)
TrendMicro	TROJ_GEN.R011C0DHK20
BitDefenderTheta	Gen:NN.Zextet.34196.Lq1@aGU7Clei
Cyren	W32/Emotet.DVAJ-6757
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Paloalto	generic.ml
Kaspersky	Trojan.Win32.Zenpak.atid
Alibaba	Backdoor:Win32/TrickBot.c7d9ba0f
Tencent	Malware.Win32.Gencirc.10cde9b8
Ad-Aware	Trojan.GenericKD.43688826
Sophos	Mal/Generic-S
F-Secure	Heuristic.HEUR/AGEN.1137265
Emsisoft	Trojan.Crypt (A)
Ikarus	Trojan.Win32.Crypt
Jiangmin	Trojan.Zenpak.cvg
Avira	HEUR/AGEN.1137265
Antiy-AVL	Trojan/Win32.Zenpak
Microsoft	Trojan:Win32/TrickBot.DB!MTB
Arcabit	Trojan.Generic.D29AA37A
ZoneAlarm	Trojan.Win32.Zenpak.atid
GData	Win32.Trojan.PSE.12ZB29T
Cynet	Malicious (score: 85)
AhnLab-V3	Trojan/Win32.Emotet.R348610
VBA32	Trojan.Packed
ALYac	Trojan.GenericKD.43688826
MAX	malware (ai score=88)
Malwarebytes	Trojan.MalPack.TRE
ESET-NOD32	a variant of Win32/Kryptik.HFPA
TrendMicro-HouseCall	TROJ_GEN.R011C0DHK20
Rising	Trojan.Kryptik!8.8 (CLOUD)
SentinelOne	DFI – Suspicious PE
Fortinet	W32/Emotet.E88D!tr
AVG	Win32:Trojan-gen
Panda	Trj/Genetic.gen
Qihoo-360	Win32/Trojan.41a