Win32/Kryptik.HIQA information

The Win32/Kryptik.HIQA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Kryptik.HIQA virus can do?

Executable code extraction
Creates RWX memory
Possible date expiration check, exits too soon after checking local time
Expresses interest in specific running processes
Unconventionial language used in binary resources: Portuguese
The binary likely contains encrypted or compressed data.
The executable is compressed using UPX
Checks the CPU name from registry, possibly for anti-virtualization
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Win32/Kryptik.HIQA?


File Info:
crc32: B3721054
md5: f0c86d27b27d44d11e5dc4c6a738bb1b
name: F0C86D27B27D44D11E5DC4C6A738BB1B.mlw
sha1: 7f3a5211fab648ba198afbde8c9ea69bf7b2352a
sha256: f46fcddaca56f561247347a71dc3a6db6b03ea42325497fa2cff9a7c29411b9d
sha512: 522552455663bbcc245be6727418c57626e450d370aec2e89d8803d3736a1470aa9aa97c257cbeea2b1b22461860f8e9e11d344916e73ec98bbb06789cce7323
ssdeep: 98304:9h+0e+S4Oqzmo8lTG0AiZ8b51XgV09xybj5XDlB+Hs3yDqFl0d3dx5JA+sfMddB:9kWDzQ1ZA1XgVyHD73+U6BKVpz
type: PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed

Version Info:
InternalSurname: debag.ekze
Prod: 1.2.2
FileVersions: 1.0.5.8
LegalCo: Copyri (C) 2019, permudationzy

Win32/Kryptik.HIQA also known as:

Elastic	malicious (high confidence)
FireEye	Generic.mg.f0c86d27b27d44d1
McAfee	Artemis!F0C86D27B27D
Cylance	Unsafe
Zillya	Trojan.Kryptik.Win32.2821079
Sangfor	Malware
K7AntiVirus	Trojan ( 00575dce1 )
BitDefender	Trojan.GenericKD.45391612
K7GW	Trojan ( 00575dce1 )
Cybereason	malicious.1fab64
Cyren	W32/Trojan.VJGV-7753
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	FileRepMalware
Cynet	Malicious (score: 100)
Kaspersky	Trojan.Win32.Zenpak.bddb
Alibaba	Backdoor:Win32/Glupteba.4a406cda
MicroWorld-eScan	Trojan.GenericKD.45391612
Rising	Trojan.Kryptik!8.8 (TFE:5:kaNjoczJ6H)
Ad-Aware	Trojan.GenericKD.45391612
Sophos	Mal/Generic-S
Comodo	Malware@#2x1o3o2ukcqoy
F-Secure	Trojan.TR/AD.GoCloudnet.jzijp
DrWeb	Trojan.Siggen11.57755
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	TROJ_GEN.F0CBC0UAJ21
McAfee-GW-Edition	BehavesLike.Win32.Trojan.rc
Emsisoft	Trojan.GenericKD.45391612 (B)
Ikarus	Trojan.Crypt
Jiangmin	Exploit.ShellCode.bgf
Avira	TR/AD.GoCloudnet.jzijp
MAX	malware (ai score=82)
Microsoft	Trojan:Win32/Glupteba.NY!MTB
Gridinsoft	Ransom.Win32.Wacatac.oa
Arcabit	Trojan.Generic.D2B49EFC
ZoneAlarm	Trojan.Win32.Zenpak.bddb
GData	Trojan.GenericKD.45391612
AhnLab-V3	Malware/Win32.RL_Tofsee.R362453
Acronis	suspicious
BitDefenderTheta	Gen:NN.ZexaF.34780.@pGfaeZ0lHpG
ALYac	Trojan.GenericKD.45391612
VBA32	Trojan.Glupteba
Malwarebytes	Trojan.MalPack.GS
Panda	Trj/Agent.JMA
ESET-NOD32	a variant of Win32/Kryptik.HIQA
TrendMicro-HouseCall	TROJ_GEN.F0CBC0UAJ21
Tencent	Win32.Trojan.Zenpak.Ects
SentinelOne	Static AI – Malicious PE
eGambit	Unsafe.AI_Score_97%
Fortinet	W32/Kryptik.HGHW!tr
Webroot	W32.Trojan.Gen
AVG	FileRepMalware
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_100% (W)
Qihoo-360	Generic/HEUR/QVM11.1.77BD.Malware.Gen

How to remove Win32/Kryptik.HIQA?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Win32/Kryptik.HIQA information