What is “Win32/Kryptik.HVQF”?

The Win32/Kryptik.HVQF is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Kryptik.HVQF virus can do?

Sample contains Overlay data
Authenticode signature is invalid
Anomalous binary characteristics

How to determine Win32/Kryptik.HVQF?


File Info:
name: 9373EC77A7DA6852DA3A.mlw
path: /opt/CAPEv2/storage/binaries/8ef30b239ff39e322b8e5d357bea925ad6ce11425061272cb65ea84158c5b854
crc32: 11959E12
md5: 9373ec77a7da6852da3a72a57888ab53
sha1: 6d5b098d5a31dfca3f4e42d39ea4797b3133716c
sha256: 8ef30b239ff39e322b8e5d357bea925ad6ce11425061272cb65ea84158c5b854
sha512: 7fcd7e25eacd9fc438b947fe67d01ad8d98a622e581eee4cf1776a36505a62f41721c865861d00ae9add937589715c03ae9c97b94f4cd726c69eedbf56b4ac1d
ssdeep: 6144:mNmnpvWkNA7hQDJt+W9pljCE9XNgShcHUa:mCh4heJNX5avUa
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1DE445BEE2DC8A851D196ADF256DE12E44DAE4D833C2441CD6C42712FE834F39DAE6738
sha3_384: bd7d3324edcaa505bcec5fe9b9ae532cd94be2d5947d197d1510ad444b00880986848e36a9fa181191dede93f08766e9
ep_bytes: 00740079002000410067007200650065
timestamp: 1970-01-01 00:02:03

Version Info:
0: [No Data]

Win32/Kryptik.HVQF also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Variant.Razy.854482
ALYac	Gen:Variant.Razy.854482
Malwarebytes	VB.Trojan.Generic.DDS
VIPRE	Gen:Variant.Razy.854482
Sangfor	Suspicious.Win32.Save.a
Cybereason	malicious.d5a31d
BitDefenderTheta	Gen:NN.ZexaF.36680.qiY@aezJFJl
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Kryptik.HVQF
Cynet	Malicious (score: 100)
APEX	Malicious
ClamAV	Win.Malware.Razy-10016792-0
BitDefender	Gen:Variant.Razy.854482
Avast	Win32:VirLock-A
Rising	Trojan.Generic@AI.100 (RDML:cvcelNxNmPL783dOoOLh7w)
F-Secure	Trojan.TR/Crypt.XPACK.Gen
TrendMicro	Ransom_ContiCrypt.R03BC0DA824
Sophos	ML/PE-A
Ikarus	Trojan-Ransom.ContiCrypt
Varist	W32/Ransom.LX.gen!Eldorado
Avira	TR/Crypt.XPACK.Gen
Xcitium	Packed.Win32.Graybird.B@5hgpd5
Arcabit	Trojan.Razy.DD09D2
GData	Win32.Trojan.BSE.LW18Q9
Google	Detected
AhnLab-V3	Trojan/Win32.Agent.C638970
Cylance	unsafe
Panda	Trj/CI.A
TrendMicro-HouseCall	Ransom_ContiCrypt.R03BC0DA824
Yandex	Virus.Virlock.Gen.AAJ
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Virlock.K
AVG	Win32:VirLock-A
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove Win32/Kryptik.HVQF?

Win32/Kryptik.HVQF removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X