What is “Win32/Kryptik.MIC”?

Win32/Kryptik.MIC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.MIC virus do?

  • Behavioural detection: executable code extraction (unpacking)
  • Creates RWX memory
  • Guard pages use detected: possible anti-debugging
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional binary language: Russian
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Tries to unhook or modify Windows functions monitored by Cuckoo

How to identify Win32/Kryptik.MIC?

File Info:

name: D8F78759D7D7548A438B.mlw
path: /opt/CAPEv2/storage/binaries/b2e0c70021227c20448268bd1d267f40c8db11c917ce86a0358cdebe9b64c1eb
crc32: F8B81911
md5: d8f78759d7d7548a438b03f7e34576d8
sha1: 7752adfed38a0dab78ab0ca3fee28d2a268ad675
sha256: b2e0c70021227c20448268bd1d267f40c8db11c917ce86a0358cdebe9b64c1eb
sha512: b39a4eb0b605fd9495c8fbe305ccf876a26f395efc2ac647c0ee32e36c48a9c677118f2ae0236360caffc00bb40d19fda546ea2dd76f9ff0ca5db3af9b909253
ssdeep: 3072:WVOOOII83lfhlLv2PQyayTVkoSXQH3Wq7PJ6HA8IantFIUhIE3qpQ3Y:WrIqdvWkoSgXF4hOUG
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T13EF3017379C0EA35D094C4B71A19CB896727AB361114C7872A9C55AFFE353E18E2B313
sha3_384: 2e2874405aff2f83670b9eceec4d20965e5e8343623b1ec052d1386d85646f75a7fe6a4d1dcaf731cb20979eb469cc17
ep_bytes: 6a606820914000e83c080000bf940000
timestamp: 2011-04-04 12:36:51

Version Info:

FileDescription: Microsoft DirectMusic Scripting
FileVersion: 5.3.2600.5512 (xpsp.080413-0845)
InternalName: Microsoft DirectMusic Scripting
LegalCopyright: © Microsoft Corporation. All rights reserved.
ProductName: Microsoft(R) Windows(R) Operating System
ProductVersion: 5.3.2600.5512
Translation: 0x0419 0x04b0

Win32/Kryptik.MIC also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.30790794
ALYac: Trojan.GenericKD.30790794
Cylance: Unsafe
Sangfor: ARMADILLO17
CrowdStrike: win/malicious_confidence_70% (D)
K7GW: Trojan ( 003c36381 )
K7AntiVirus: Trojan ( 003c36381 )
VirIT: Trojan.Win32.Pakes.JTI
Cyren: W32/Carberp.C.gen!Eldorado
ESET-NOD32: a variant of Win32/Kryptik.MIC
APEX: Malicious
ClamAV: Win.Trojan.Agent-516382
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.GenericKD.30790794
NANO-Antivirus: Trojan.Win32.Agent.bfhhhp
SUPERAntiSpyware: Trojan.Agent/Gen-Downloader
Avast: Win32:Malware-gen
Tencent: Malware.Win32.Gencirc.114c0980
Ad-Aware: Trojan.GenericKD.30790794
Sophos: ML/PE-A + Mal/Zbot-CJ
Comodo: TrojWare.Win32.Kryptik.MNM@4urmgy
DrWeb: Trojan.Starter.1591
Zillya: Trojan.Agent.Win32.127841
TrendMicro: TSPY_SPYEYE.SMQW
McAfee-GW-Edition: BehavesLike.Win32.Spyeye.cc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.d8f78759d7d7548a
Emsisoft: Trojan.GenericKD.30790794 (B)
SentinelOne: Static AI – Malicious PE
GData: Trojan.GenericKD.30790794
Jiangmin: Trojan/Agent.emwz
Avira: TR/Dropper.Gen
Arcabit: Trojan.Generic.D1D5D48A
Microsoft: Trojan:Win32/Ramnit.A
Cynet: Malicious (score: 100)
AhnLab-V3: Spyware/Win32.SpyEyes.R3844
McAfee: PWS-Spyeye.av
MAX: malware (ai score=84)
VBA32: BScope.Trojan.Starter
Malwarebytes: Spyware.PasswordStealer.XGen
TrendMicro-HouseCall: TSPY_SPYEYE.SMQW
Rising: Trojan.Generic@AI.89 (RDML:KdzHk1fGUCXkzBv+2mqLzg)
Yandex: Trojan.GenAsa!djlCpc8x32E
Ikarus: Worm.Win32.Reclog
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/SpyEyes.LBN!tr.spy
BitDefenderTheta: Gen:NN.ZexaF.34712.kq1@aqbqExai
AVG: Win32:Malware-gen
Cybereason: malicious.9d7d75
Panda: Trj/Genetic.gen

How to remove Win32/Kryptik.MIC?

Win32/Kryptik.MIC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.