Trojan.Kryptik.BFITI

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 25,606
Threat Level: 80 % (High)
Infected Computers: 423
First Seen: August 1, 2023
Last Seen: December 5, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Kryptik.BFITI
Signature status: No Signature

Known Samples

MD5: 5d92b70d803368f6525f53a555a063cf
SHA1: 41d902a95e671510ecd5aa5c3694b85ab9e03193
SHA256: 0424F91ACE3FD817B16CE0A786AAE44DEF8977B9C0A9179BF9022D1D27B8CF27
File Size: 510.98 KB, 510976 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Company Name: Silly
File Descriptions: PlasticFantastic
File Version: 13.78.85.48
Internal Name: GrowTrees.exe
Legal Copyrights: Challangers kenia
Product Name: Game
Product Version: 4.80.40.45

File Traits

  • HighEntropy
  • x86

Block Information

Total Blocks: 358
Potentially Malicious Blocks: 11
Whitelisted Blocks: 347
Unknown Blocks: 0

Files Modified

File Attributes
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\223de96ee265046957a660ed7c9dd9e7_eff9b9ba98deaa773f261fa85a0b1771 Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\26c212d9399727259664bdfca073966e_b7ed31d77d311a56fdcb56a0083b3e0b Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\content\56bd22aed931573ff211080ea231f008_7156f4d84718d1fcbecb4d5e58bee9cd Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\223de96ee265046957a660ed7c9dd9e7_eff9b9ba98deaa773f261fa85a0b1771 Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\26c212d9399727259664bdfca073966e_b7ed31d77d311a56fdcb56a0083b3e0b Generic Read,Write Data,Write Attributes,Write extended,Append data
c:\users\user\appdata\locallow\microsoft\cryptneturlcache\metadata\56bd22aed931573ff211080ea231f008_7156f4d84718d1fcbecb4d5e58bee9cd Generic Read,Write Data,Write Attributes,Write extended,Append data

Registry Modifications

Key::Value Data API Name
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\content::cacheprefix RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\cookies::cacheprefix Cookie: RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\5.0\cache\history::cacheprefix Visited: RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey

Windows API Usage

Category API
Encryption Used
  • BCryptOpenAlgorithmProvider
