What is “Win32/Kryptik.HQNY”?

Win32/Kryptik.HQNY is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cleanup of your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.HQNY virus do?

  • Behavioural detection: Executable code extraction - unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Performs HTTP requests potentially not found in PCAP.
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Kannada
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Attempts to modify proxy settings

How to identify Win32/Kryptik.HQNY?

File Info:

name: A180E3B35120C3EB7AC5.mlw
path: /opt/CAPEv2/storage/binaries/7cc1e70947f9be48ad3edfb07cd26482b9a565367d0c6e9c6cfa5b0c12588183
crc32: 401F26A1
md5: a180e3b35120c3eb7ac5d6e10184d964
sha1: 6655d78db02d74c8adcfab3c6fbfbff12258029b
sha256: 7cc1e70947f9be48ad3edfb07cd26482b9a565367d0c6e9c6cfa5b0c12588183
sha512: ca181699782789e436695870c15a0226a7030d1709cfbcc29b872cee092633fd23ea64c66eed34a53c83b4bc709efde74da6d04bf9f2e9e2fd931eedba0e84cc
ssdeep: 6144:zT665JYMhKqV2V6x/saa6lGj+MYOoXFCFuzbgwuVM2vT:zTPJYMhTV2Ix/bw+MY9Ounn0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T15564D031BAACC831D4673630C8728FA115BFBC011565464677F82759AE31F8C6AE539F
sha3_384: b05bfb5770654abe26efa755ac1ab6ea485a397da43cf1fe5d398568e8421f2d114367138cf2608b1275a3ccec400d44
ep_bytes: e8964f0000e989feffff8bff558bec83
timestamp: 2021-08-29 06:30:33

Version Info:

FileVersions: 7.3.1.3
Copyright: Copyright (C) 2022, soboklos
ProjectVersion: 19.71.90.1

Win32/Kryptik.HQNY also known as:

Bkav: W32.AIDetect.malware1
Lionic: Heuristic.File.Generic.00x1!p
tehtris: Generic.Malware
MicroWorld-eScan: Trojan.GenericKD.61470747
FireEye: Generic.mg.a180e3b35120c3eb
CAT-QuickHeal: Trojan.Multi
ALYac: Trojan.GenericKD.61470747
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: Ransom:Win32/StopCrypt.9489091b
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.db02d7
Cyren: W32/Kryptik.HGS.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.HQNY
APEX: Malicious
Paloalto: generic.ml
ClamAV: Win.Packed.Stopcrypt-9965180-0
Kaspersky: HEUR:Trojan.Win32.Injuke.gen
BitDefender: Trojan.GenericKD.61470747
Avast: Win32:PWSX-gen [Trj]
Ad-Aware: Trojan.GenericKD.61470747
Comodo: Malware@#3em5f7843fyc2
DrWeb: Trojan.DownLoader45.12759
VIPRE: Trojan.GenericKD.61470747
TrendMicro: Ransom_StopCrypt.R049C0DHQ22
McAfee-GW-Edition: BehavesLike.Win32.Generic.fc
Trapmine: malicious.moderate.ml.score
Sophos: ML/PE-A + Troj/Krypt-PJ
SentinelOne: Static AI - Malicious PE
Jiangmin: Exploit.ShellCode.hmx
Antiy-AVL: Trojan/Generic.ASMalwS.7E3E
Kingsoft: Win32.Troj.Undef.(kcloud)
Microsoft: Ransom:Win32/StopCrypt.SLC!MTB
GData: Win32.Trojan.PSE.10BMRMQ
Google: Detected
AhnLab-V3: Packed/Win.GEE.R512309
McAfee: Artemis!A180E3B35120
MAX: malware (ai score=83)
VBA32: Malware-Cryptor.2LA.gen
TrendMicro-HouseCall: Ransom_StopCrypt.R049C0DHQ22
Rising: Trojan.Injuke!8.10932 (TFE:5:24MlblkpgaK)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.HACT!tr
AVG: Win32:PWSX-gen [Trj]
Panda: Trj/RansomGen.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/Kryptik.HQNY?

Win32/Kryptik.HQNY removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.