Trojan.Kryptik.YKAK
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Popularity Rank: | 2,930 |
|---|---|
| Threat Level: | 80 % (High) |
| Infected Computers: | 1,427 |
| First Seen: | September 9, 2024 |
| Last Seen: | April 20, 2026 |
| OS(es) Affected: | Windows |
Analysis Report
General information
| Family Name: | Trojan.Kryptik.YKAK |
|---|---|
| Signature status: | No Signature |
Known Samples
This section lists other file samples believed to be associated with this family.
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have resources
- File doesn't have security information
- File has exports table
- File has TLS information
- File is 64-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
Digital Signatures
This section lists digital signatures that are attached to samples within this family. When analyzing and verifying digital signatures, it is important to confirm that the signature’s root authority is a well-known and trustworthy entity and that the status of the signature is good. Malware is often signed with non-trustworthy “Self Signed” digital signatures (which can be easily created by a malware author with no verification). Malware may also be signed by legitimate signatures that have an invalid status, and by signatures from questionable root authorities with fake or misleading “Signer” names.
| Signer | Root | Status |
|---|---|---|
| Musecy SM Ltd. | AAA Certificate Services | Hash Mismatch |
| OpenVPN Inc. | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Hash Mismatch |
| VMware, Inc. | DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1 | Hash Mismatch |
| MiniTool Software Limited | USERTrust RSA Certification Authority | Hash Mismatch |
File Traits
- dll
- fptable
- VirtualQueryEx
- WriteProcessMemory
- x64
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.
| Total Blocks: | 2,595 |
|---|---|
| Potentially Malicious Blocks: | 918 |
| Whitelisted Blocks: | 1,628 |
| Unknown Blocks: | 49 |
Similar Families
This section lists other families that share similarities with this family, based on EnigmaSoft’s analysis. Many malware families are created from the same malware toolkits and use the same packing and encryption techniques but uniquely extend functionality. Similar families may also share source code, attributes, icons, subcomponents, compromised and/or invalid digital signatures, and network characteristics. Researchers leverage these similarities to rapidly and effectively triage file samples and extend malware detection rules.
- Kryptik.KOE
- Kryptik.YKAK
- MSIL.Agent.HAAD
- ShellcodeRunner.RDD
- Trojan.Kryptik.Gen.DBS
Files Modified
This section lists files that were created, modified, moved and/or deleted by samples in this family. File system activity can provide valuable insight into how malware functions on the operating system.
| File | Attributes |
|---|---|
| c:\users\user\appdata\local\temp\aibflhmmumbpmtlqwummlsrug.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\aljecyfubsfduqrjgxwafpjr.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\apihfkshnlvydofxcdma.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\bgybhmeczkdhwhyc.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\bwqqqmljohvcoajtz.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\cpoatnkqbopvydesakepfin.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\cxhuetidjqhfcpyaaxucnzj.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\dbnqpxzijqagohhghoxxfzpwvt.bmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\dzpqnaddptbvem_oryywrvgvblfczetapu.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\emuxaakroxitkryrdtxcvwnlq.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\generated.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\hidirumiqnhobyrhefpnstxti.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\holqejfysjuoziiwcuchvg.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\jniupwiargylcxrwa.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\ljytcokqqhiqzwurez.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\mtvbcfkuekpoykhav.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\ntaklorpgrulujigbtmchbw.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\pficrbyjbyqxyczufelggfhn.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\pfwmxggsmxuazkgcn_yjyprgqfnmgrqnt.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\reizipbahrphupcsxvurvnlosu.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\ribfwfxbkcknzxxxjon_ywlqlzsxjmrmhsucyr.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\rrsnlimssxddzkytydolxerug.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\rvvrzkckzylfzypgfwgsbp.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\systeminfo.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\tabbfgxqjxx.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\tbubonblhfdzbulwqwpiap.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\test_11970.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\test_19020.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\test_29863.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\test_8878.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\tmp2d7f.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\tmp3ed8.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\tmpbaf8.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\tmpbaf9.tmp | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\vucovywncngdozxfndcenmvpic.txt | Generic Write,Read Attributes |
| c:\users\user\appdata\local\temp\zdhcsrihcoawidslznl.txt | Generic Write,Read Attributes |
| c:\users\user\documents\rjklldrcqdefkhsgacslevml.txt | Generic Write,Read Attributes |
Registry Modifications
This section lists registry keys and values that were created, modified and/or deleted by samples in this family. Windows Registry activity can provide valuable insight into malware functionality. Additionally, malware often creates registry values to allow itself to automatically start and indefinitely persist after an initial infection has compromised the system.
| Key::Value | Data | API Name |
|---|---|---|
| HKCU\software\fofgnzhdcjeowcttsojlzs::dsjvis | | RegNtPreCreateKey |
| HKCU\software\lkbpsezqmiispdczw::dsjvis | | RegNtPreCreateKey |
| HKCU\software\iwxmuxgjmuvkfseqyachd::dsjvis | | RegNtPreCreateKey |
Windows API Usage
This section lists Windows API calls that are used by the samples in this family. Windows API usage analysis is a valuable tool that can help identify malicious activity, such as keylogging, security privilege escalation, data encryption, data exfiltration, interference with antivirus software, and network request manipulation.
| Category | API |
|---|---|
| Syscall Use | 82 additional items are not displayed above. |
| Anti Debug | |
| Network Winhttp | |
| Encryption Used | |