Should I remove “Win32:Shellter [Cryp]”?

Win32:Shellter [Cryp] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32:Shellter [Cryp] virus do?

  • Executable code extraction
  • Creates RWX memory
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)

How to identify Win32:Shellter [Cryp]?


File Info:

crc32: 57BF7A6E
md5: 7c83d0988a99771059ff5fbe356b5733
name: 7C83D0988A99771059FF5FBE356B5733.mlw
sha1: bc86e32a1b61d3177eee472dd726862b49d365a6
sha256: 8eae4af86d1f67ace5cda3652f35a27d9c1b5417ac2b7764f3ca260a13ea7371
sha512: a015453ef1fbfd4ac977d3bdb9a4b0d02e917ebc7d5925bed1ac12d415156843c7e8602301ac80edcaa11645f5ed92ced441b4add37d87b10293f3daa4f8c161
ssdeep: 1536:8wOnbNQKtXZWDyy1o5I0hJUEbooPRrKKRRySa:uNQKtpWDyDI0hJltZrpRRy
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (C) Microsoft Corporation. All rights reserved.
InternalName: Notepad
FileVersion: 5.1.2600.5512 (xpsp.080413-2105)
CompanyName: Microsoft Corporation
ProductName: Microsoft(R) Windows(R) Operating System
ProductVersion: 5.1.2600.5512
FileDescription: 记事本
OriginalFilename: NOTEPAD.EXE
Translation: 0x0804 0x04b0

Win32:Shellter [Cryp] is also known as:

K7AntiVirus: Riskware ( 0040eff71 )
Elastic: malicious (high confidence)
Cynet: Malicious (score: 85)
ALYac: Gen:Variant.Cerbu.88406
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/Shelma.c89f3927
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.88a997
Symantec: ML.Attribute.HighConfidence
APEX: Malicious
Avast: Win32:Shellter [Cryp]
Kaspersky: Trojan.Win32.Shelma.tay
BitDefender: Gen:Variant.Cerbu.88406
MicroWorld-eScan: Gen:Variant.Cerbu.88406
Tencent: Win32.Trojan.Shelma.Akfj
Ad-Aware: Gen:Variant.Cerbu.88406
Sophos: ML/PE-A + ATK/Shellter-AC
Comodo: Malware@#2ogy5ysackly4
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Backdoor.Win32.SWRORT.SMB
McAfee-GW-Edition: MalHeur-FAG!7C83D0988A99
FireEye: Generic.mg.7c83d0988a997710
Emsisoft: Gen:Variant.Cerbu.88406 (B)
Avira: HEUR/AGEN.1124598
Microsoft: Trojan:Win32/Vagger!rfn
GData: Gen:Variant.Cerbu.88406
AhnLab-V3: Trojan/Win32.RL_Generic.R362731
McAfee: MalHeur-FAG!7C83D0988A99
MAX: malware (ai score=100)
Panda: Trj/CI.A
TrendMicro-HouseCall: Backdoor.Win32.SWRORT.SMB
Rising: Trojan.Generic@ML.97 (RDMK:BYXhJueiROkPvtkx6rnMAw)
Ikarus: Trojan.Win32.Dialer
Fortinet: W32/Generic.AC.3A1D4B!tr
AVG: Win32:Shellter [Cryp]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.DogHousePower.HgIASOoA

How to remove Win32:Shellter [Cryp]?

Win32:Shellter [Cryp] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
