
Win32/Kryptik.NCM information


Win32/Kryptik.NCM is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Kryptik.NCM virus do?

  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid

How to identify Win32/Kryptik.NCM?


File Info:

name: D2FA590F93703AD8EC2F.mlw
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Win32/Kryptik.NCM also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur2.FU.CGW@amaQP5ic
ALYac: Gen:Trojan.Heur2.FU.CGW@amaQP5ic
Malwarebytes: Malware.Heuristic.1001
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 7000000f1 )
K7GW: Trojan ( 7000000f1 )
Cybereason: malicious.f93703
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Kryptik.NCM
APEX: Malicious
Cynet: Malicious (score: 100)
BitDefender: Gen:Trojan.Heur2.FU.CGW@amaQP5ic
Rising: Trojan.Generic@AI.89 (RDML:weGDPnliGErRPAM/GOazeA)
Ad-Aware: Gen:Trojan.Heur2.FU.CGW@amaQP5ic
Emsisoft: Gen:Trojan.Heur2.FU.CGW@amaQP5ic (B)
Comodo: TrojWare.Win32.PkdMorphine.~AN@1l4q0o
F-Secure: Dropper.DR/Delphi.Gen
VIPRE: Gen:Trojan.Heur2.FU.CGW@amaQP5ic
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.d2fa590f93703ad8
Sophos: Generic ML PUA (PUA)
SentinelOne: Static AI – Malicious PE
Avira: DR/Delphi.Gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Arcabit: Trojan.Heur2.FU.E896B7
GData: Gen:Trojan.Heur2.FU.CGW@amaQP5ic
Google: Detected
Acronis: suspicious
MAX: malware (ai score=88)
Cylance: Unsafe
Yandex: Trojan.GenAsa!CqTQM+4DYIw
Ikarus: Trojan-Banker.Win32.Banker
MaxSecure: Trojan.Malware.300983.susgen
BitDefenderTheta: AI:Packer.091ADCFC20

How to remove Win32/Kryptik.NCM?

Win32/Kryptik.NCM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
