Trojan.Kryptik.Gen.CTA

By CagedTech in Trojans

Analysis Report

General information

Family Name: Trojan.Kryptik.Gen.CTA
Signature status: No Signature

Known Samples

File Size: 2.11 MB, 2108416 bytes
File Size: 640.29 KB, 640292 bytes
File Size: 639.35 KB, 639348 bytes
File Size: 626.18 KB, 626176 bytes
File Size: 627.20 KB, 627200 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Chain Genius Proton Industries
  • Clinical Studio
  • Ice Framework Flow Online
  • PathVortexPenta Realm
  • Summit Technical LP
File Description
  • Adaptive Payment Clinical Booster
  • Database Raster Investment Unmount Logger
  • Flow Compile Service
  • Interpreter Plugin Analytics Releaser Adapter
  • Mandatory Edge Adapter
File Version
  • 15.1.1.189
  • 8.5.31.317
  • 5.10.47.136
  • 4.1.4.15
  • 2.3.5.49
Internal Name
  • quality_build
  • table_planne
  • watcher69
  • web49
  • zonefragment
Legal Copyright
  • (C) 2017 - 2023 PathVortexPenta Realm
  • (C) Copyright 2022 Summit Technical LP
  • Copyright (c) 2019 by Chain Genius Proton Industries
  • Copyright 2022 Clinical Studio. All Rights Reserved.
  • Ice Framework Flow Online Copyright 2016-2023
Original Filename
  • quality_build.dll
  • table_planne.dll
  • watcher69.dll
  • web49.dll
  • zonefragment.dll
Product Name
  • Compiler Open Dense Packager
  • Distribution Decompressor
  • Grid Accounting Portal
  • Rapid Tester wbdcf
  • Render Ecosystem Import Translator
Product Version
  • 15.1.1.189
  • 12.0.16.307
  • 4.1.4.15
  • 2.3.47.46
  • 1.10.58.360

File Traits

  • big overlay
  • dll
  • HighEntropy
  • x64

Block Information

Total Blocks: 169
Potentially Malicious Blocks: 59
Whitelisted Blocks: 110
Unknown Blocks: 0

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • UNKNOWN
