Trojan.Kryptik.OPD

By CagedTech in Trojans

Analysis Report

General information

Family Name: Trojan.Kryptik.OPD
Signature status: No Signature

Known Samples

File Size: 1.22 MB, 1221632 bytes
File Size: 1.22 MB, 1221632 bytes
File Size: 3.84 MB, 3844096 bytes
File Size: 622.08 KB, 622080 bytes
File Size: 796.16 KB, 796160 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Aero Shader SA
  • Cloud Base Dynamic Inc
  • Digi Flow Commission
  • Tensor Matrix & Script LLC
  • The Link Online
File Description
  • Channel Mirror Stream Move
  • Fast Inspector
  • Machine Revolutionary Provider
  • Simple Super Capacitance Unpacker
  • Zenith Render Interface
File Version
  • 11.7.45.4224
  • 5.5.14.235
  • 5.2.18.43
  • 4.9.9.19
  • 3.8.13.106
Internal Name
  • emergingbridge
  • filter_payment_data
  • international_advanced_sdk
  • router67
  • supply_uninstall
Legal Copyright
  • 2023 The Link Online. All Rights Reserved.
  • Aero Shader SA - Copyright (C) 2025
  • All Rights Reserved. Copyright 2025 Tensor Matrix & Script LLC
  • Copyright (C) 2024 Cloud Base Dynamic Inc
  • Copyright 2021 Digi Flow Commission
Original Filename
  • emergingbridge.dll
  • filter_payment_data.dll
  • international_advanced_sdk.dll
  • router67.dll
  • supply_uninstall.dll
Product Name
  • Enterprise Transition Piece
  • Hexa Diamond Modulator Classifier
  • International Advanced SDK SDK Parser
  • Validation Transaction Micro Updater
  • Vertex Bargain Primary Checker
Product Version
  • 11.7.45.4224
  • 4.9.9.19
  • 4.3.14.296
  • 3.8.13.106
  • 2.6.8.37

File Traits

  • dll
  • Installer Manifest
  • Installer Version
  • x64

Block Information

Total Blocks: 292
Potentially Malicious Blocks: 157
Whitelisted Blocks: 135
Unknown Blocks: 0

Similar Families

  • Kryptik.OPD

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • UNKNOWN
