Win32/Kryptik.HKKQ (file analysis)

Win32/Kryptik.HKKQ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.HKKQ virus do?

  • Executable code extraction
  • Creates RWX memory
  • Uses Windows utilities for basic functionality
  • A process attempted to delay the analysis task by a long amount of time.
  • Creates a hidden or system file
  • Attempts to modify proxy settings
  • Anomalous binary characteristics

How to identify Win32/Kryptik.HKKQ?


File Info:

crc32: BEB602F0
md5: 2179de33d018271bb8d60334dd1d4ed6
name: 2179DE33D018271BB8D60334DD1D4ED6.mlw
sha1: feaa2bba1db09163c98908c990dcb04f7d5c19c3
sha256: 4eedda82bcd9d7789aa060262cbcddb7dccc4661e70984ebf31f80954ffc90a7
sha512: 795ec60cbb30f70048df6ed25956619fad84e9c0b968c8ef32966017cd18fd04dcae7b5c1c5ee873b5d8f2e6d90754b10c8ab7731dea96e2944f6d122a7e0074
ssdeep: 6144:g3FFkYOVg1cV4oprLHiK1oR6NI2K2WVgRZWxxtZM/PWH/xiBiqUjdr:3Y+XV4oB7S6+B2HLW7qW7Xj
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © 2016 Bat Shoulder Corporation. All rights reserved
InternalName: Give.dll
HTTP: http://oceanabove.ru
FileVersion: 7.0.7.809
CompanyName: Bat Shoulder
ProductName: Bat Shoulder Subtract food Campfly
ProductVersion: 7.0.7.809
FileDescription: Subtract food Campfly
OriginalFilename: Give.dll
Translation: 0x0409 0x04b0

Win32/Kryptik.HKKQ also known as:

Elastic: malicious (high confidence)
ALYac: Spyware.Ursnif
ESET-NOD32: a variant of Win32/Kryptik.HKKQ
APEX: Malicious
Avast: FileRepMalware
BitDefender: Trojan.GenericKD.46098179
MicroWorld-eScan: Trojan.GenericKD.46098179
Ad-Aware: Trojan.GenericKD.46098179
FireEye: Trojan.GenericKD.46098179
Kingsoft: Win32.Troj.Undef.(kcloud)
GData: Win32.Trojan-Spy.Ursnif.6WBBM5
McAfee: Artemis!2179DE33D018
MAX: malware (ai score=80)
Panda: Trj/Genetic.gen
Rising: Trojan.Kryptik!8.8 (CLOUD)
Ikarus: Win32.Outbreak
Fortinet: W32/Kryptik.HKKI!tr
AVG: FileRepMalware

How to remove Win32/Kryptik.HKKQ?

Win32/Kryptik.HKKQ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
