Win32:Kryptik-PAB [Trj] malicious file

Win32:Kryptik-PAB [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32:Kryptik-PAB [Trj] virus do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Win32:Kryptik-PAB [Trj]?


File Info:

crc32: FB67C37F
md5: cb05a93595e149bdaad4a238b4325bb3
name: CB05A93595E149BDAAD4A238B4325BB3.mlw
sha1: 1d6856c97be5aebf1491f0bce72a25df556fa596
sha256: 4efda554d6abb5da2262f7ef6617b09ad3b6e5b03aa668867dfb452aa6c53b6e
sha512: 6ead70f5883316ececfcb4749568f9fdae8632d19f3f2cf588f902538739e7b1d85f3128140517dfad0799c5ef76bc70415a6c43fca1f1ac598e4088697d146f
ssdeep: 384:o0ZHgzZSs60UnhidxRmyilYSJaKCEezHXfff/Duz:VZHoUogZQKK3fff/Dw
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32:Kryptik-PAB [Trj] also known as:

K7AntiVirus: Trojan ( 004aff101 )
DrWeb: Trojan.Upatre.112
MicroWorld-eScan: Trojan.GenericKD.1949202
ALYac: Trojan.GenericKD.1949202
Cylance: Unsafe
Zillya: Backdoor.CPEX.Win32.29943
Sangfor: Malware
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: TrojanDownloader:Win32/Upatre.7ad1ac50
K7GW: Trojan ( 004aff101 )
Cybereason: malicious.595e14
TrendMicro: TROJ_UPATRE.SMNC
Baidu: Win32.Trojan-Downloader.Waski.b
Cyren: W32/Trojan.RLAO-7427
ESET-NOD32: Win32/TrojanDownloader.Waski.A
Zoner: Trojan.Win32.27244
APEX: Malicious
TotalDefense: Win32/Upatre.FS
Avast: Win32:Kryptik-PAB [Trj]
ClamAV: Win.Trojan.Upatre-5752
GData: Trojan.GenericKD.1949202
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.GenericKD.1949202
NANO-Antivirus: Trojan.Win32.RiskGen.dhwqgh
ViRobot: Trojan.Win32.Z.Upatre.46504.P
SUPERAntiSpyware: Trojan.Agent/Gen-Upatre
Tencent: Malware.Win32.Gencirc.10b8ef56
Ad-Aware: Trojan.GenericKD.1949202
Sophos: Troj/Agent-AJNW
Comodo: TrojWare.Win32.Crypt.C@7vajd0
F-Secure: Trojan-Downloader:W32/Upatre.J
BitDefenderTheta: Gen:NN.ZexaF.34110.cqX@ayYbvge
VIPRE: Trojan.Win32.Matsnu.ce (v)
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Upatre.pz
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.cb05a93595e149bd
Emsisoft: Trojan.GenericKD.1949202 (B)
SentinelOne: DFI – Malicious PE
F-Prot: W32/Trojan3.LTK
Endgame: malicious (high confidence)
Webroot: W32.Rogue.Gen
Avira: TR/Crypt.Epack.miod.1
eGambit: Unsafe.AI_Score_81%
Antiy-AVL: Trojan[Downloader]/Win32.Upatre
Microsoft: TrojanDownloader:Win32/Upatre.AK
Jiangmin: TrojanDownloader.Upatre.by
Arcabit: Trojan.Generic.D1DBE12
AegisLab: Trojan.Win32.Agent.lvG0
ZoneAlarm: HEUR:Trojan.Win32.Generic
AhnLab-V3: Trojan/Win32.Downloader.R122980
Acronis: suspicious
McAfee: Upatre-FAAC!CB05A93595E1
MAX: malware (ai score=80)
VBA32: TrojanDownloader.Upatre
Malwarebytes: Trojan.Upatre
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TROJ_UPATRE.SMNC
Rising: Downloader.Waski!8.184 (TFE:dGZlOgER6v226RPwSA)
Yandex: Trojan.Kryptik!u34cstRhBdw
Ikarus: Trojan-Downloader.Win32.Upatre
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Upatre.HL!tr
AVG: Win32:Kryptik-PAB [Trj]
Qihoo-360: Win32/Trojan.73f

How to remove Win32:Kryptik-PAB [Trj]?

Win32:Kryptik-PAB [Trj] removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
