Win32/Kryptik.HNWB information

Win32/Kryptik.HNWB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.HNWB virus do?

  • Dynamic (imported) function loading detected
  • Presents an Authenticode digital signature
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32/Kryptik.HNWB?


File Info:

name: E48D3212609D5EB9B4C0.mlw
path: /opt/CAPEv2/storage/binaries/fab3c86d2ae675e2e705c27f064296712d6bdc1ffe8d4dfba79aeb0702b53696
crc32: DAA64A97
md5: e48d3212609d5eb9b4c0e8f8ae140a92
sha1: a1625afc080a89a8ef1a0c2ab9ff9aa22815e0d5
sha256: fab3c86d2ae675e2e705c27f064296712d6bdc1ffe8d4dfba79aeb0702b53696
sha512: cd5228d929b80a77b0b53c4498aef00130822b2170ee8b9d84585e1500b6a36c4b30a8403cc4b866571c7cb00f82a3d0ec85335e8ffaba4bf142d80fe8629f0c
ssdeep: 24576:8x08qf2SN2m3Q0NW+kFQKr1VJ9BMGdkbiXXfwwH:8x08qfJN2m3QUkhr1VJ9ToiXXj
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A94508E016CA5D74D4FF19334EC98BFC20216C698D6D4B3A24EBF2992EB9FC30915196
sha3_384: 95c984bed1de0d3127bd74855c3ee2a50c921aa7e61c4bdc13661bd2d56ce934d4c696b4480dafcc23592f1aa5a48d4c
ep_bytes: ff15187146008bf06800000100ff153c
timestamp: 1970-01-01 00:00:00

Version Info:

CompanyName: AO Kaspersky Lab
FileDescription: wmi helper
FileVersion: 21.3.10.391
LegalCopyright: © 2021 AO Kaspersky Lab. All Rights Reserved.
LegalTrademarks: Registered trademarks and service marks are the property of their respective owners
ProductName: Kaspersky Anti-Virus
ProductVersion: 21.3.10.391
InternalName: wmicmd
OriginalFilename: wmicmd.EXE
Translation: 0x0409 0x04b0

Win32/Kryptik.HNWB also known as:

Lionic: Trojan.Win32.SelfDel.trXJ
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.38488078
FireEye: Generic.mg.e48d3212609d5eb9
CAT-QuickHeal: Trojan.Convagent
ALYac: Trojan.GenericKD.38488078
Malwarebytes: Trojan.Clipper
Sangfor: Trojan.Win32.SelfDel.hwsy
K7AntiVirus: Trojan ( 0058c5841 )
Alibaba: Trojan:Win32/SelfDel.0b242774
K7GW: Trojan ( 0058c5841 )
BitDefenderTheta: Gen:NN.ZexaF.34212.lr1@aaiQ@Mci
Cyren: W32/Trojan.HEE.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HNWB
TrendMicro-HouseCall: Trojan.Win32.SELFDEL.USMANLS21
Kaspersky: Trojan.Win32.SelfDel.hwsy
BitDefender: Trojan.GenericKD.38488078
Avast: Win32:CrypterX-gen [Trj]
Tencent: Win32.Trojan.Selfdel.Ajvh
Ad-Aware: Trojan.GenericKD.38488078
Emsisoft: Trojan.GenericKD.38488078 (B)
Comodo: Malware@#344g8bcr1r2ae
Zillya: Trojan.Kryptik.Win32.3683740
TrendMicro: Trojan.Win32.SELFDEL.USMANLS21
McAfee-GW-Edition: Artemis!Trojan
Sophos: Mal/Generic-S
Jiangmin: Trojan.Selfdel.tsr
MaxSecure: Trojan.Malware.1728101.susgen
Avira: TR/Redcap.qyiog
MAX: malware (ai score=86)
Kingsoft: Win32.Troj.Undef.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Sabsik!ml
GData: Trojan.GenericKD.38488078
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R462852
Acronis: suspicious
McAfee: GenericRXAA-FA!E48D3212609D
VBA32: TrojanBanker.Convagent
APEX: Malicious
Rising: Trojan.Kryptik!8.8 (CLOUD)
Yandex: Trojan.Kryptik!Oeu87L2z618
Ikarus: Trojan-Spy.Win32.CoinStealer
eGambit: PE.Heur.InvalidSig
Fortinet: W32/Agent_AGen.LW!tr
Webroot: W32.Trojan.Gen
AVG: Win32:CrypterX-gen [Trj]
Panda: Trj/Agent.ASH
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/Kryptik.HNWB?

Win32/Kryptik.HNWB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
