Trojan.Kryptik.ZARV

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 21,482
Threat Level: 80 % (High)
Infected Computers: 129
First Seen: October 24, 2024
Last Seen: April 11, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Kryptik.ZARV
Signature status: No Signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has TLS information
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Blankster
  • Blaster
  • Bunch
  • Hestory
  • Mirate
File Versions
  • 98.30.5.53
  • 35.75.55.77
  • 3.3.30
  • 1.25.56
  • 1.5.56
Internal Name
  • Fold
  • Folding
  • Gulbazaura
  • Pedray
Product Versions
  • 85.6.57.42
  • 84.66.56.33
  • 67.17.49
  • 1.0.2.5
  • 1.0.2.4

File Traits

  • big overlay
  • HighEntropy
  • WriteProcessMemory
  • x86

Block Information

Total Blocks: 274
Potentially Malicious Blocks: 4
Whitelisted Blocks: 264
Unknown Blocks: 6

Windows API Usage

Category API
User Data Access
  • SetComputerName