Win64/Kryptik.EHF removal instructions

Win64/Kryptik.EHF is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to completely scan and cure your PC during the trial period.
6-day free trial available.

What can the Win64/Kryptik.EHF virus do?

  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify Win64/Kryptik.EHF?


File Info:

name: 0897549F91B0484C0F61.mlw
path: /opt/CAPEv2/storage/binaries/e8e7e7f5f731c34082c7f1993dab1dedd676826144b5794bbb4d5d2420dd4693
type: PE32+ executable (GUI) x86-64, for MS Windows
timestamp: 2024-04-29 20:25:16

Version Info:

0: [No Data]

Win64/Kryptik.EHF also known as:

Bkav            W64.AIDetectMalware
Elastic         malicious (high confidence)
FireEye         Generic.mg.0897549f91b0484c
Skyhigh         BehavesLike.Win64.BumbleBee.fc
Symantec        ML.Attribute.HighConfidence
ESET-NOD32      a variant of Win64/Kryptik.EHF
APEX            Malicious
Paloalto        generic.ml
Kaspersky       UDS:Trojan.Win32.Cobalt
Trapmine        malicious.high.ml.score
Sophos          ML/PE-A
Kingsoft        malware.kb.a.998
ZoneAlarm       UDS:Trojan.Win32.Cobalt
Cynet           Malicious (score: 100)
Malwarebytes    Generic.Malware/Suspicious
Rising          Trojan.Kryptik!8.8 (CLOUD)
DeepInstinct    MALICIOUS
alibabacloud    Trojan:Win/Kryptik.EJ!

How to remove Win64/Kryptik.EHF?

Win64/Kryptik.EHF removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
