Win32/Kryptik.HUSV (file analysis)

The Win32/Kryptik.HUSV is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Kryptik.HUSV virus can do?

The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Yara detections observed in process dumps, payloads or dropped files

How to determine Win32/Kryptik.HUSV?


File Info:
name: D905F8A7329260681142.mlw
path: /opt/CAPEv2/storage/binaries/1609e8b7a3a241720c2972771f848aaffc7ca107fc6cda77703e07e7fdb83b73
crc32: 161105A0
md5: d905f8a73292606811420d53e5bc4629
sha1: 10c0a78f343198325e3008625ff3a4a98daa20bb
sha256: 1609e8b7a3a241720c2972771f848aaffc7ca107fc6cda77703e07e7fdb83b73
sha512: 9921b9fbd9060d83f1fa8353a10e726a5124835fe73b874e00db18bd8e1512d40c9842ac6d54e1c03938a72eaa19032dfa056d21061142a1fd689dc86fd410f9
ssdeep: 6144:Ak46fuYXChoQTjlFgLuCY1dRuAOowoWFJyZU7rHQld2ye7zLnLRKA/zGpE6lqhwE:AtYzXChdTbv1bu4mV7rH/ye7vLRKWZ6P
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T11184BE1170A183F2D162383237F0B7F14A3C786C57571DEBA7D01F6E4A2E6C1E62A696
sha3_384: 13626bd7f70e0234f31333798c0abc2c10cfed8319c05537e8bfc2b7230beb9e4fd57e1e3d72dab4602b8a03d80c0409
ep_bytes: e820060000e974feffff3b0d10304300
timestamp: 2023-09-24 07:27:00

Version Info:
0: [No Data]

Win32/Kryptik.HUSV also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Zusy.488283
FireEye	Generic.mg.d905f8a732926068
CAT-QuickHeal	Trojan.GenericRI.S31230733
Skyhigh	BehavesLike.Win32.MysticStealer.fh
ALYac	Gen:Variant.Zusy.488283
Malwarebytes	Generic.Malware.AI.DDS
VIPRE	Gen:Variant.Zusy.488283
Sangfor	Infostealer.Win32.Redline.Vqma
K7AntiVirus	Trojan ( 005abe431 )
Alibaba	TrojanPSW:Win32/Redline.a999c376
K7GW	Riskware ( 00584baa1 )
BitDefenderTheta	Gen:NN.ZexaF.36802.wuW@aGXPnEo
VirIT	Trojan.Win32.GenusT.DROW
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HUSV
APEX	Malicious
TrendMicro-HouseCall	TROJ_GEN.R002C0DBQ24
Kaspersky	HEUR:Backdoor.Win32.Mokes.gen
BitDefender	Gen:Variant.Zusy.488283
NANO-Antivirus	Trojan.Win32.Inject4.kbdjav
SUPERAntiSpyware	Trojan.Agent/Gen-Crypt
Tencent	Backdoor.Win32.Mokes.hk
TACHYON	Trojan-PWS/W32.Stealerc.373248
Emsisoft	Gen:Variant.Zusy.488283 (B)
F-Secure	Heuristic.HEUR/AGEN.1366948
DrWeb	Trojan.KillProc2.21513
Zillya	Trojan.Stealerc.Win32.14060
TrendMicro	TROJ_GEN.R002C0DBQ24
Sophos	Troj/Krypt-ABY
Ikarus	Trojan.Win32.Injector
Jiangmin	Trojan.PSW.Stealerc.jq
Varist	W32/Kryptik.KSI.gen!Eldorado
Avira	HEUR/AGEN.1366948
Antiy-AVL	Trojan/Win32.GenKryptik
Kingsoft	Win32.Hack.Mokes.gen
Xcitium	Malware@#wayz9zgp6tc1
Arcabit	Trojan.Zusy.D7735B
ZoneAlarm	HEUR:Backdoor.Win32.Mokes.gen
GData	Gen:Variant.Zusy.488283
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win.CrypterX-gen.R607329
McAfee	Trojan-FVTN!D905F8A73292
Google	Detected
MAX	malware (ai score=100)
DeepInstinct	MALICIOUS
VBA32	TrojanPSW.Stealerc
Cylance	unsafe
Rising	Trojan.SmokeLoader!1.EB4F (CLASSIC)
Yandex	Trojan.Kryptik!gTReJUHdMBg
SentinelOne	Static AI – Malicious PE
Fortinet	W32/GenKryptik.GOEE!tr
Panda	Trj/Genetic.gen
alibabacloud	Backdoor:Win/GenKryptik.GOEE

How to remove Win32/Kryptik.HUSV?

Win32/Kryptik.HUSV removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X