Multi-License Discount Quote

Change Region

English
Threat Database Trojans Trojan.Kryptik.BTE

Trojan.Kryptik.BTE

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 8,510
Threat Level: 80 % (High)
Infected Computers: 38
First Seen: April 11, 2026
Last Seen: May 20, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Kryptik.BTE
Signature status: Self Signed

Known Samples

MD5: 27df57be42c5d660ba75b684570326de
SHA1: f4f8d793b35300dc4b0cd0ea89de602e1cb1f96c
SHA256: 36F0F2DF9984C03AA01A22A6556F6B8D3F6DCB6D63A95D1DDDE96B3EE9687977
File Size: 2.99 MB, 2988416 bytes
MD5: a85de64fefdb605914efc4f1beaff318
SHA1: b7562b1021d901503f8e372c83dadb16e1913825
SHA256: 1FE9BAB90AB4789FC94BFCCB2D6FDC528F8B372BFA2C80D31DEC8393A599D937
File Size: 2.98 MB, 2984336 bytes
MD5: 5d6203f606ab06edc6f1cb2b83bc9967
SHA1: ecf517feb93c86584b24ee16299227e699040ca8
SHA256: B8F5F2DDE2E6A63F5EB5E00FD68A316F23143E5E01835064407A993536175AAB
File Size: 2.19 MB, 2190008 bytes
MD5: 12e35406b981d3ebb16a09d6be0a46ce
SHA1: 08e9d599d5ce2a68f234a8c118f28cda3577acbb
SHA256: F3D33CAC2ECF45D307B5FE601DAD350E769912452716CCA48C73C610EEE34A69
File Size: 2.44 MB, 2438136 bytes
MD5: 0aad798ba38eb32e3302d41b525b5f1f
SHA1: 6b1f62148f8b7c3e5747eb7adcf5b0ce70387923
SHA256: B5DA3BC8B69480F9451D00CB298FF2E059299D6933AC3162E2424AE4873C4D1C
File Size: 5.01 MB, 5013712 bytes
Show More
MD5: d161b5883aacce4c8cb780bf9390d990
SHA1: bd877253d1ee06a878b005560e694188ff3e3a43
SHA256: 0DBF64290D57B3CABE9FD7C87296B72024FE232B64869B0DD4AAB98722908CDF
File Size: 3.00 MB, 2998912 bytes
MD5: bc1f8080cd02a5949d11beb20a68e2a7
SHA1: 24215c40915fb54c5c2f8a4ee6ed527b1219dfe2
SHA256: 99151C4CF172808440316EFA14F847D406521C62BAB9E6E14D0987921536AEAF
File Size: 2.44 MB, 2438112 bytes
MD5: 407e289efabe726d0c8c9885a6389198
SHA1: c8b1504801a9d1ca35d09136fb2066c64744e087
SHA256: 9DDFBE7ED6F04F3397A900D07C2F0FE3EDCF88213A23BBA097B7B0699CED000A
File Size: 4.91 MB, 4910208 bytes
MD5: 9c4acdeb5c992a98523e6821b888cd5d
SHA1: 360800dc077f85a655634445c182e4018b851d38
SHA256: 29FBE379590D0D8117268C5CA8981E22DA7551256CE22FF1E151867327409898
File Size: 4.65 MB, 4646080 bytes
MD5: 97e56770068cbb1ee0c025833f801a27
SHA1: c48702c0963c0bf3cb34819d7dcdb46b12fb1f41
SHA256: 02126FCC68597C33F19FDBB6CA9875F8D3A4ACD2AD9604BF162FFC20F42FF0ED
File Size: 4.51 MB, 4509312 bytes
MD5: d647c0e96f02797cd493103640d949b9
SHA1: 889bc3e6258ededb6e931e05913f27476d66dce6
SHA256: 671766846F634CBF303484D3FD76553D015CD30D46B877DCE1D9E81972064A49
File Size: 4.01 MB, 4005056 bytes
MD5: 64b300aba9546d591d19909783858b9b
SHA1: f0e25389c56857f6986a936e8d4994aa6e17278a
SHA256: 1630229921B37C6062C9960263D0A0F5FC01F943A267A69D1760BD77F782A94C
File Size: 4.91 MB, 4910208 bytes
MD5: 614381fab1d5d8497b7625964c4ef6f4
SHA1: 3f89410b9939c3b8c82deef4377335bb9d5c5300
SHA256: 6D3CBCB38F3802C740E2B8AA90B2BF10D8519E2E7F1BA00F3EEEAAB439D53D01
File Size: 6.26 MB, 6263304 bytes
MD5: 40e9709d32414d3d807e1bd10b12fcee
SHA1: 62dd1edb29a8a905ce413cff28d3dbd5f49973de
SHA256: 6D0082B2B9891B7531B37E5511FB3071112F390A8AF574FD30FF1714314A7DCC
File Size: 3.01 MB, 3008128 bytes
MD5: d9c22f8397fd1a06de1dc52483acce3f
SHA1: 51403ff509f1f827f9e3100ca4871546208f4c81
SHA256: B4A4523F6BFF5F2E2210B460B8A6202BA6E52127313FDEFC2301ADDA814AD7AB
File Size: 2.94 MB, 2941096 bytes
MD5: f7dc4555a54be2607f6fe0cf6fbbe8a3
SHA1: 008f5175af8a0b6698b2136b9038bc083e8282e5
SHA256: B936436BA0C77B0E3314EEA85037F70085270C9A1BCC42B802448AAAF558F2D2
File Size: 3.10 MB, 3103424 bytes
MD5: 3df28fb0d18f717c797b9bc785d36cad
SHA1: c289fd84a86817d21cc496bf9e841d724b91adc0
SHA256: EC7D3A8D66B31308875DF2F6450FFB235173B912030699E0F5C2E0E7FCE48919
File Size: 3.52 MB, 3517096 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have resources
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
Show More
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Digital Signatures

Signer Root Status
*.100mensch.de *.100mensch.de Self Signed
*.issuu.com *.issuu.com Self Signed
*.merriam-webster.com *.merriam-webster.com Self Signed
*.rottentomatoes.com *.rottentomatoes.com Self Signed
*.searchhounds.com *.searchhounds.com Self Signed
Show More
*.ss.com *.ss.com Self Signed
drawme.io drawme.io Self Signed
www-cs-02.oracle.com www-cs-02.oracle.com Self Signed
www.aa.com www.aa.com Self Signed

File Traits

  • big overlay
  • dll
  • golang
  • No Version Info
  • x64

Block Information

Total Blocks: 10,081
Potentially Malicious Blocks: 325
Whitelisted Blocks: 3,091
Unknown Blocks: 6,665

Visual Map

0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 1 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 x 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0 0
... Data truncated
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Agent.BSA
  • Agent.MPF
  • Kryptik.BTE
  • Kryptik.DZE
  • Kryptik.FRS
Show More
  • Kryptik.VY
  • Rozena.DDB
  • Rozena.DDC
  • ShellcodeRunner.LLC

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcConnectPort
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtAlpcSetInformation
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtAssociateWaitCompletionPacket
  • ntdll.dll!NtCancelWaitCompletionPacket
  • ntdll.dll!NtClearEvent
  • ntdll.dll!NtClose
Show More
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateEvent
  • ntdll.dll!NtCreateIoCompletion
  • ntdll.dll!NtCreateKey
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtCreateTimer2
  • ntdll.dll!NtCreateWaitCompletionPacket
  • ntdll.dll!NtCreateWorkerFactory
  • ntdll.dll!NtDeviceIoControlFile
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtEnumerateKey
  • ntdll.dll!NtEnumerateValueKey
  • ntdll.dll!NtFlushProcessWriteBuffers
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenEvent
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadToken
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryDirectoryFileEx
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySecurityObject
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQuerySystemInformationEx
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReadVirtualMemory
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRemoveIoCompletionEx
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationKey
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationThread
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSetIoCompletion
  • ntdll.dll!NtSetTimerEx
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitForWorkViaWorkerFactory
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • ntdll.dll!NtYieldExecution
  • UNKNOWN
User Data Access
  • GetUserObjectInformation
Anti Debug
  • IsDebuggerPresent

Trending

Most Viewed

Loading...