How to remove “Win32/Kryptik.HVQF”?

The Win32/Kryptik.HVQF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Kryptik.HVQF virus can do?

Sample contains Overlay data
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Win32/Kryptik.HVQF?


File Info:
name: 5B68A7CFFBCC43DB87F2.mlw
path: /opt/CAPEv2/storage/binaries/ef9ee1b36f53948ebc3be181e7ab3c4a6cbb58f37a06fc0fa1bbc8badaa32642
crc32: A4F48DB4
md5: 5b68a7cffbcc43db87f2368fc3a93912
sha1: 25497dc53b3ed7515bf745a5c84e9925e9843e12
sha256: ef9ee1b36f53948ebc3be181e7ab3c4a6cbb58f37a06fc0fa1bbc8badaa32642
sha512: 5d4b15f1a12f0e9428ff9780bd9cabeb5b07fe5f4e4de887d31838a27df547af9f294a947ef99a67bdb0b287a5c33bbe10346462bcce58d989e799f6539bf4fe
ssdeep: 3072:bwVS4AuvW6fMFQA7hzcJBJt+Wq4MceidwvD9u3NTcGCLOwstyhZFChcssc56FUr5:KnpvWkNA7hQDJt+WqPb9KN4ShcHUa
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T158444AEE2DC4A851D196ADF246DE12E44DBE8D933C2441CD6C42712FE834F39DAA6738
sha3_384: 10f104536694e3c9d22b3943fd19b92f738f9401345fd3704e591b13ca5d3051b01cdcb0b559a567f499f62ac225d08f
ep_bytes: 00740079002000410067007200650065
timestamp: 1970-01-01 00:02:03

Version Info:
0: [No Data]

Win32/Kryptik.HVQF also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.VirLock.4!c
MicroWorld-eScan	Gen:Variant.Razy.854482
FireEye	Generic.mg.5b68a7cffbcc43db
Skyhigh	BehavesLike.Win32.Generic.dh
McAfee	Artemis!5B68A7CFFBCC
Cylance	unsafe
Sangfor	Trojan.Win32.Razy.V5y8
Alibaba	Ransom:Win32/ContiCrypt.2929e175
Cybereason	malicious.53b3ed
Arcabit	Trojan.Razy.DD09D2
BitDefenderTheta	Gen:NN.ZexaF.36608.qiY@aO89VVh
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of Win32/Kryptik.HVQF
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Malware.Razy-10016792-0
BitDefender	Gen:Variant.Razy.854482
NANO-Antivirus	Trojan.Win32.AgentAGen.kdnnxy
Avast	Win32:VirLock-A
Tencent	Win32.Trojan.Crypt.Gwnw
Emsisoft	Gen:Variant.Razy.854482 (B)
F-Secure	Trojan.TR/Crypt.XPACK.Gen
VIPRE	Gen:Variant.Razy.854482
Trapmine	malicious.moderate.ml.score
Sophos	Mal/Generic-S
Ikarus	Trojan-Ransom.ContiCrypt
Varist	W32/Ransom.LX.gen!Eldorado
Avira	TR/Crypt.XPACK.Gen
Gridinsoft	Ransom.Win32.Conti.sa
Xcitium	Packed.Win32.Graybird.B@5hgpd5
Microsoft	Ransom:Win32/ContiCrypt.LOD!MTB
GData	Gen:Variant.Razy.854482
Google	Detected
AhnLab-V3	Trojan/Win32.Agent.C638970
ALYac	Gen:Variant.Razy.854482
MAX	malware (ai score=85)
Malwarebytes	Generic.Malware.AI.DDS
Panda	Trj/RansomGen.A
Rising	Trojan.Generic@AI.100 (RDML:SoXNhTPGJZhbKfXldAbuXQ)
Yandex	Virus.Virlock.Gen.AAJ
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Virlock.K
AVG	Win32:VirLock-A
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Win32/Kryptik.HVQF?

Win32/Kryptik.HVQF removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X