Win32/Kryptik.HSXO removal

Win32/Kryptik.HSXO is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.HSXO virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Saami
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Win32/Kryptik.HSXO?


File Info:

name: 4EE350870930A79800B7.mlw
path: /opt/CAPEv2/storage/binaries/bde0910859a82bdc345f69674c3719d9c9a1dcb9cdcb99b6e7e9f20b7c3edc3b
crc32: A2F3567B
md5: 4ee350870930a79800b70b288828260c
sha1: 450c820700dcd77eeee04a910c3b694cc376907f
sha256: bde0910859a82bdc345f69674c3719d9c9a1dcb9cdcb99b6e7e9f20b7c3edc3b
sha512: 4761fe93ab69f55acc7c8d22551243f14e2c821f367b5301b9898344ca214eeed9cfadcf970a21086d2c4cd8c29027feb854b4c2ab91d18c7b6bf1bcb00b7646
ssdeep: 6144:mtueUG/n+uX2Kk1kGjr5KklafihhUthCWWZ:mtuhE+uX2K5o5VEqhcIR
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C944BF2272E0A833E5725E319D39D2E52F3FB8625D28669B2734FE2F0D702D19571B12
sha3_384: a94a65096f3fe5151ac9ad5343658bc6c248ed4f4bfdbe2546f418f3f5d5d0443c3b2a189d2bd2eb7552dcc6e70d7a81
ep_bytes: e865640000e989feffff8bff558bec83
timestamp: 2022-05-07 03:29:10

Version Info:

CompanyName: PakistanFood
FileDescription: Morricone
FileVersion: 25.77.48.49
InternalName: GorgerousOnce.exe
LegalTrademarks1: consultated
ProductName: HypsterWorld
Translation: 0x4047 0x0565

Win32/Kryptik.HSXO also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Convagent.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.65766410
FireEye: Generic.mg.4ee350870930a798
CAT-QuickHeal: Ransom.Stop.P5
ALYac: Trojan.GenericKD.65766410
Cylance: unsafe
VIPRE: Trojan.GenericKD.65766410
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0059f7cb1 )
Alibaba: Backdoor:MSIL/Convagent.a542205e
K7GW: Trojan ( 0059f7cb1 )
Cybereason: malicious.700dcd
Cyren: W32/Agent.FRF.gen!Eldorado
ESET-NOD32: a variant of Win32/Kryptik.HSXO
APEX: Malicious
Paloalto: generic.ml
Kaspersky: HEUR:Backdoor.MSIL.Convagent.gen
BitDefender: Trojan.GenericKD.65766410
NANO-Antivirus: Trojan.Win32.Kryptik.jvhfrs
Tencent: Trojan.Win32.Obfuscated.gen
F-Secure: Heuristic.HEUR/AGEN.1310247
DrWeb: Trojan.DownLoader45.46777
Zillya: Backdoor.Convagent.Win32.2144
TrendMicro: TrojanSpy.Win32.RHADAMANTHYS.YXDCCZ
Trapmine: malicious.high.ml.score
Sophos: Troj/Krypt-VE
Ikarus: Trojan.Win32.Crypt
Google: Detected
Avira: HEUR/AGEN.1310247
Antiy-AVL: Trojan[Backdoor]/MSIL.Convagent
Arcabit: Trojan.Generic.D3EB840A
ZoneAlarm: HEUR:Backdoor.MSIL.Convagent.gen
GData: Trojan.GenericKD.65766410
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Generic.R560826
MAX: malware (ai score=80)
VBA32: BScope.Backdoor.dcRAT
Malwarebytes: Trojan.MalPack.GS
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TrojanSpy.Win32.RHADAMANTHYS.YXDCCZ
Rising: Backdoor.Convagent!8.123DC (TFE:5:bVrbGDeyH6R)
Yandex: Trojan.Kryptik!C4uqsR/cgzU
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.HSXO!tr
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/Kryptik.HSXO?

Win32/Kryptik.HSXO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
