Trojan.Kryptik.Gen.ECL

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	3,793
Threat Level:	80 % (High)
Infected Computers:	65

First Seen:	April 2, 2026
Last Seen:	May 19, 2026
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Trojan.Kryptik.Gen.ECL
Signature status:	Self Signed

Known Samples

MD5: 71433eadba3f3f3d258e75d98841fa39

SHA1: 4deb46f25d9e030e273fc8ffb8ec8d092484126b

SHA256: 5A509D88669F780465BC59AD9BD092FC3AB4538B6B2653AD02173F1197C23FD1

File Size: 656.19 KB, 656192 bytes

MD5: 2784d93333fa8284267a70b25ed00706

SHA1: 3dcb019973629bcdb423ac6e0df1ef29c4fbd89f

SHA256: 05995356583300D087CB73DA34FC9722099C6229325CBE240BF6BA32AAC258A5

File Size: 658.76 KB, 658760 bytes

MD5: b4e67369a59afe62a9cdd1880d2868ff

SHA1: 6c1922d307d988c619604f1f97795d33c94e290b

SHA256: BB988E1314B4B3B7EDB504C609D75A1F0836E33A13A45642629072F29C27DFD6

File Size: 1.26 MB, 1256736 bytes

MD5: a7b2e65ec3aed0ff8de3788dd56c6432

SHA1: d035da4f55af9c977f622270ab52ee69faec1d87

SHA256: F82D272A52C56F65D66AC665F3074639B93B61C094D27C75E0C77B9BAFFE896F

File Size: 733.44 KB, 733440 bytes

MD5: 8c0b07374898e76cadd6d36e68959682

SHA1: c23da96e2e71d8487c839b75bfaad1e7f8b7a3a8

SHA256: 5EB440933EFC934628399697E2BCA83AC41CEFBB7C653DAE1B91113596C4755E

File Size: 757.22 KB, 757216 bytes

MD5: 49f217620e429887aaccfcfc5fe837d8

SHA1: 759d9d9f03b0747ab56ae978437c03ffc3c98519

SHA256: 28D0F6D874866FA512432E6490F3FD1113DC0EFD5A7E0E324437DA8D8B2C9CF7

File Size: 708.67 KB, 708672 bytes

MD5: edf36c64fba1ac5955e842b4a0b89f3d

SHA1: a06086c97524c14b6959e143998ce8204d966b26

SHA256: C9E71805E48DAA579BFC7B3C429A86BA95AF99B9EAF6B96E8444F98240260919

File Size: 1.55 MB, 1545440 bytes

MD5: 8048bb94381a8409f1e152b1f9d2ed3b

SHA1: a6e3fe879864165cd8ea696902cd1f4c2fb57137

SHA256: 30483602B9F632E1192985B58AA0E7F8EE2286DAEF6C35ABD13020779394E918

File Size: 1.47 MB, 1466688 bytes

MD5: f351df6796ba968e79a8b66e76e3e1a7

SHA1: 48c301a649e49cc3022cef18f471f74e9fa3237f

SHA256: 0C9E772D8730204DD850797827745A27BDE599983D1EE070D0B61EA5FAEAF535

File Size: 647.37 KB, 647368 bytes

MD5: eea70c7d057d2389cba091fe89e70270

SHA1: f5c2038a96aae6758b6d95b091fba2ae4f20c8bd

SHA256: FB8BDBA791F8C4DCD097785AC52105316BEA737360ACE0E5F78738286A190426

File Size: 675.26 KB, 675256 bytes

MD5: 0079349e533d6060bc6d731e0467ede7

SHA1: c4f52c7603762413f46f8b5d42dfdd4f80f9ebb0

SHA256: 89B1B3C8CCDCA7046FE30361F1FD9E70BD501DAEA2A28988FFA028C3428C680B

File Size: 702.18 KB, 702176 bytes

MD5: 775d8202e41990a1e1f61b9342c5dcf4

SHA1: d24094e6961b382c426cb4b149240daa554a3f77

SHA256: 9CEDC639B3247BEECB25B28B5F4A12E5586ED46DB140A5F1C09CA16F2781461B

File Size: 659.82 KB, 659824 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File has exports table
File is 64-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed
IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

14 additional icons are not displayed above.

Windows PE Version Information

Name	Value
Comments	Based on .NET architecture Built with DirectX framework Enhanced with Machine Learning capabilities Enhanced with Multi-threading capabilities Includes Distributed systems acceleration Optimized for .NET performance Optimized for Cloud computing performance Optimized for DirectX performance Powered by .NET technology Powered by Cloud computing technology Show More Utilizes Machine Learning core engine
Company Name	Bahringer - Altenwerth Bergstrom - Toy Boehm - Stokes Bogan, Witting and McKenzie S.A.S. Emard LLC Glover LLC Hahn Inc Hodkiewicz and Sons King and Sons Mueller LLC Show More O'Kon - Schinner B.V. Robel - Hilpert Romaguera - Treutel Simonis and Sons Skiles - D'Amore B.V.
File Description	bypasser Ultimate Suite calculating next-generation Professional Suite Ergonomic Cotton Ball Enterprise System JBOD monitor Ultimate Monitor multi-byte array Professional System quantifying quantifying Deluxe Analyzer RAM protocol Enterprise Analyzer SAS transmitter Professional Toolkit Sleek Fresh Mouse - Dutch Version Sleek Fresh Mouse Professional System Show More Sleek Steel Shirt Standard Protector USB bandwidth Expert Manager USB pixel - Dutch Version USB pixel - French Version USB pixel Master Optimizer
File Version	4.24.1544 4.20.2430 4.15.5016.985 4.13 4.9.895 4.4.985 4.2 3.22.1751 3.6.1766.610 2.25 Show More 2.20.1016 2.2.639
Internal Name	bahringer_usbbandwidth.exe calculatingnextgeneration.exe ergonomiccottonball.exe JBODmonitor.exe multibytearray_client.exe quantifyingquantifying_service.exe RAMprotocol.exe romaguera_bypasser.exe SAStransmitter.exe sleekfreshmouse.exe Show More SleekSteelShirt.exe usbpixel.exe
Legal Copyright	Copyright (c) 2009 King and Sons Copyright (c) 2010 Hahn Inc Copyright (c) 2015 Bahringer - Altenwerth Copyright (c) 2019 Mueller LLC Copyright (c) 2022 Emard LLC Copyright © 2015 Romaguera - Treutel. All rights reserved. Copyright © 2019 Boehm - Stokes. All rights reserved. Copyright © 2023 Glover LLC. All rights reserved. © 2006 Bergstrom - Toy. All rights reserved. © 2007 Hodkiewicz and Sons. All rights reserved. Show More © 2022 Simonis and Sons. All rights reserved. © 2024 Robel - Hilpert. All rights reserved.
Legal Trademarks	All trademarks are property of their respective owners. JBOD monitor is a trademark of Emard LLC. All trademarks are property of their respective owners. multi-byte array is a trademark of Robel - Hilpert. All trademarks are property of their respective owners. quantifying quantifying is a trademark of Simonis and Sons. All trademarks are property of their respective owners. SAS transmitter is a trademark of Hodkiewicz and Sons. bypasser is a registered trademark of Romaguera - Treutel in the US and other countries calculating next-generation is a trademark of King and Sons Ergonomic Cotton Ball is a trademark of Hahn Inc RAM protocol® is a registered trademark of Mueller LLC Sleek Fresh Mouse is a registered trademark of Glover LLC in the US and other countries Sleek Steel Shirt® is a registered trademark of Bergstrom - Toy Show More USB bandwidth is a registered trademark of Bahringer - Altenwerth in the US and other countries USB pixel® is a registered trademark of Boehm - Stokes
Original Filename	boehm-usbpixel.exe ErgonomicCottonBall_client.exe hodkiewicz-sastransmitter.exe JBODmonitor_client.exe king-calculatingnextgeneration.exe RAMprotocol_client.exe robel-multibytearray.exe romaguera-bypasser.exe simonis-quantifyingquantifying.exe SleekFreshMouse_service.exe Show More SleekSteelShirt_service.exe usbbandwidth_2600.exe
Product Name	bypasser calculating next-generation Ergonomic Cotton Ball JBOD monitor multi-byte array quantifying quantifying RAM protocol SAS transmitter Sleek Fresh Mouse Sleek Steel Shirt Show More USB bandwidth USB pixel
Product Version	4.24.1544 4.20.2430 4.15.5016.985 4.13 4.9.895 4.4.985 4.2 3.22.1751 3.6.1766.610 2.25 Show More 2.20.1016 2.2.639

Digital Signatures

Signer	Root	Status
Bahringer - Altenwerth	Bahringer - Altenwerth Intermediate CA 2	Self Signed
Bergstrom - Toy	Bergstrom - Toy Intermediate CA 1	Self Signed
Boehm - Stokes	Boehm - Stokes Intermediate CA 3	Self Signed
Emard LLC	Emard LLC Intermediate CA 3	Self Signed
Glover LLC	Glover LLC Intermediate CA 2	Self Signed

Hahn Inc	Hahn Inc Intermediate CA 3	Self Signed
Hodkiewicz and Sons	Hodkiewicz and Sons Intermediate CA 3	Self Signed
King and Sons	King and Sons Intermediate CA 3	Self Signed
Mueller LLC	Mueller LLC Intermediate CA 3	Self Signed
Robel - Hilpert	Robel - Hilpert Intermediate CA 1	Self Signed
Romaguera - Treutel	Romaguera - Treutel Intermediate CA 3	Self Signed
Simonis and Sons	Simonis and Sons Intermediate CA 3	Self Signed

File Traits

HighEntropy
x64

Block Information

Total Blocks:	54
Potentially Malicious Blocks:	8
Whitelisted Blocks:	9
Unknown Blocks:	37

Visual Map

? 0 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? x ? ? 0 ? x x x 0 0 0 x x ? ? ? ? ? ? 0 x ? ? ? 0 ? 0 0 x ?

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

Trojan.Kryptik.Gen.ECL

Windows API Usage

Category	API
Syscall Use	ntdll.dll!NtFreeVirtualMemory ntdll.dll!NtQueryInformationProcess ntdll.dll!NtQueryVirtualMemory ntdll.dll!NtSetEvent ntdll.dll!NtSetInformationProcess ntdll.dll!NtSetInformationWorkerFactory ntdll.dll!NtTestAlert ntdll.dll!NtWaitLowEventPair ntdll.dll!NtWriteFile UNKNOWN

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.Kryptik.Gen.ECL

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

Digital Signatures

Digital Signatures

File Traits

Block Information

Block Information

Visual Map

Similar Families

Similar Families

Windows API Usage

Windows API Usage

Submit Comment

Trending

Trojan.Downloader.Waledac.C

Email Deliverability Alert Email Scam

Managedevelopedhighlyinfo-product.info

Most Viewed

Pornktube.porn

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen