Trojan.Kryptik.GNC

By CagedTech in Trojans

Threat Scorecard

Popularity Rank:	7,668
Threat Level:	80 % (High)
Infected Computers:	50

First Seen:	March 15, 2023
Last Seen:	January 21, 2026
OS(es) Affected:	Windows

Table of Contents

Analysis Report

General information

Family Name:	Trojan.Kryptik.GNC
Signature status:	No Signature

Known Samples

MD5: 777190b6d8c05805fa8664a710f25990

SHA1: 764938aade47eb2f8cce509bc0f7e096b19280f6

SHA256: C884E64593B60FBE10B97359105EAE426F4456511ABE8E2A118486384C70B427

File Size: 2.59 MB, 2588672 bytes

MD5: 2107147b79fb2ccb9036b33fd6dd82b3

SHA1: 9aa80779085cf269850dfff6cbff080ebf68a4b6

SHA256: 16F8A5075E4D4F860CC212D137D4589834E6821242F7CE081FB7ABC402FD71DC

File Size: 2.59 MB, 2588672 bytes

MD5: 4906fdfd2ac9a24340ac90b4c66e6e52

SHA1: 6bc11100a89b4008c328adc1378bbdac344f0e99

SHA256: A640E31BF23815F64CE61259BDBFC2BCEE87845C8D10115E8AFF3C81CC7DF71F

File Size: 2.75 MB, 2752512 bytes

MD5: e8daeda6df443155f6d77af7bb635211

SHA1: 52f4e6ba8630975298a9745d7775fd84f44db575

SHA256: 545FDBE96224F27B9B92EEEAD7B1AE64B3D0683F9417E437CF81585649A5C2E8

File Size: 5.55 MB, 5545162 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have relocations information
File doesn't have security information
File is 32-bit executable
File is either console or GUI application
File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
File is Native application (NOT .NET application)
File is not packed

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Icons

Windows PE Version Information

Name	Value
Company Name	Core FTP
File Description	Core FTP client
File Version	2, 2, 1910, 0 2, 2, 1778, 0 2, 2, 1747, 0
Internal Name	coreftp
Legal Copyright	Copyright (C) 2003-12 Copyright (C) 2003-13 Copyright (C) 2003-17
Original Filename	coreftp.exe
Product Name	Core FTP client
Product Version	2, 2, 1910, 0 2, 2, 1778, 0 2, 2, 1747, 0

File Traits

Block Information

Similar Families

Kryptik.GNC

Registry Modifications

Key::Value	Data	API Name
HKCU\software\ftpware\coreftp\prefs::shutdown		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::progresstype		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lc1		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lc2		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lc3		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lc4	ÿ	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lcbkg		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.asp::.asp		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.bash::.bash		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.bat::.bat		RegNtPreCreateKey

HKCU\software\ftpware\coreftp\textext\.c::.c		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.cfm::.cfm		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.cgi::.cgi		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.cpp::.cpp		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.css::.css		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.csv::.csv		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.dthml::.dthml		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.h::.h		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.htaccess::.htaccess		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.htm::.htm		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.html::.html		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.htpasswd::.htpasswd		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.inc::.inc		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.log::.log		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.mak::.mak		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.php::.php		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.pl::.pl		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.shmtl::.shmtl		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.text::.text		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.txt::.txt		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\textext\.xml::.xml		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::cd		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lad		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ar		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::smax	鐀眵	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::smin		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::rmax	鐀眵	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::rmin		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::fsx		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::fsy		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::flx		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::fly		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::isx		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::isy		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ilx		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ily		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ib1		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ib2		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lstvw		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::logvw		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::stsvw		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::tlvw		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lstyl		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::rstyl		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::noops		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::shdl		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::sndson		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\prefs::delete		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\prefs::xferdisplay		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\prefs::shell		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lfn	COREFTP.LOG	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::lgxf	CORE_FTP.LOG	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::transferdialog		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::rsz	က	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ssz	Ȁ	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::autocnct		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::skey		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::xist		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::xisttime		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::xistopt		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::xferretry		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::retrycnt		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::connretry		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::connretry		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::anonpass	user@com.com	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::anonuser	anonymous	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::sysbeep		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::shsess		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::shsites		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::delsite		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::pasv		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::mv		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::cepth		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\prefs::xfercount		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::mxcns		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ctmout		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::mmax		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::conndelay	=	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::connretry		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::conncnt		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::disconn		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::xdisconn		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::resize		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::slider		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::splitter		RegNtPreCreateKey
HKLM\software\wow6432node\ftpware\coreftp\opts::dss		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::fls1		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::fls2		RegNtPreCreateKey
HKLM\software\wow6432node\ftpware\coreftp\opts::d4		RegNtPreCreateKey
HKLM\software\wow6432node\ftpware\coreftp\opts::d5		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ssh::zlib		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::defftp		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::uf	壑楟	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::idsite32		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\commands\2::t	HELP	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\commands\2::c	HELP	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::idsite32		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\commands\3::t	QUOTE	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\commands\3::c	%0	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::id32		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1767856338::id	壒楟	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1767856338::ext	.htaccess	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1767856338::prog	notepad.exe	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::id32		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1767856339::id	壓楟	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1767856339::ext	.htpasswd	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1767856339::prog	notepad.exe	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\coords::mainx		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\coords::mainy		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\coords::mainw	Ɏ	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\coords::mainh	Ɔ	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext::extprog	notepad.exe	RegNtPreCreateKey
HKLM\software\wow6432node\ftpware\coreftp::reg		RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\app paths\coreftp.exe::	c:\users\user\downloads\764938aade47eb2f8cce509bc0f7e096b19280f6_0002588672	RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\app paths\coreftp.exe::path	c:\users\user\downloads	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\prefs::init		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\prefs::xfertype		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ut		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ud	壖楟	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::uf	嫛楧	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768381148::id	嫜楧	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768381148::ext	.htaccess	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768381148::prog	notepad.exe	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768381149::id	嫝楧	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768381149::ext	.htpasswd	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768381149::prog	notepad.exe	RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\app paths\coreftp.exe::	c:\users\user\downloads\9aa80779085cf269850dfff6cbff080ebf68a4b6_0002588672	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ud	嫟楧	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::fms		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::rsz		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ssz		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::feat		RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::uf	㬏楪	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768569616::id	㬐楪	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768569616::ext	.htaccess	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768569616::prog	notepad.exe	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768569617::id	㬑楪	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768569617::ext	.htpasswd	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\ext\1768569617::prog	notepad.exe	RegNtPreCreateKey
HKLM\software\wow6432node\ftpware\coreftp::reg		RegNtPreCreateKey
HKLM\software\microsoft\windows\currentversion\app paths\coreftp.exe::	c:\users\user\downloads\6bc11100a89b4008c328adc1378bbdac344f0e99_0002752512	RegNtPreCreateKey
HKCU\software\ftpware\coreftp\global::ud	㬓楪	RegNtPreCreateKey

Windows API Usage

Category	API
Other Suspicious	SetWindowsHookEx
Network Winsock2	WSAStartup
Keyboard Access	GetKeyState

EnigmaSoft’s Payment Processor Digital River GmbH Filing for Bankruptcy Does Not Impact SpyHunter Customers’ Anti-Malware Protection

Search

Change Region

Trojan.Kryptik.GNC

Threat Scorecard

EnigmaSoft Threat Scorecard

Analysis Report

General information

Known Samples

Known Samples

Windows Portable Executable Attributes

Windows Portable Executable Attributes

File Icons

File Icons

Windows PE Version Information

Windows PE Version Information

File Traits

Block Information

Block Information

Similar Families

Similar Families

Registry Modifications

Registry Modifications

Windows API Usage

Windows API Usage

Submit Comment

Trending

Trojan.Agent.LFB

Trojan.PrintSpoofer.D

Trojan.Agent.IFSC

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

Discord Shows Black Screen when Sharing Screen

How to Fix 'macOS cannot verify that this app is...