Trojan.MSIL.Krypt.GBDA

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 10,283
Threat Level: 80 % (High)
Infected Computers: 1,222
First Seen: August 17, 2021
Last Seen: September 29, 2025
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.MSIL.Krypt.GBDA
Signature status: No Signature

Known Samples

MD5: 8d94b514a035c93e4506c562a412e0a5
SHA1: 91cd246e8f25d91383b9fa066cb606d4cc43c7a0
SHA256: CFE482920D9943DBC83605947AC7AFBD0358D3532F505B376835869A60F44EAB
File Size: 5.83 MB, 5832704 bytes

Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have exports table
  • File doesn't have security information
  • File is .NET application
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Assembly Version: 1.0.0.0
Comments: ewf
Company Name: edf
File Description: smart_and_fast_education_for_content
File Version: 1.0.0.0
Internal Name: smart_and_fast_education_for_content.exe
Legal Copyright: Copyright © 2023
Original Filename: smart_and_fast_education_for_content.exe
Product Name: smart_and_fast_education_for_content
Product Version: 1.0.0.0

File Traits

  • .NET
  • .sdata
  • HighEntropy
  • NewLateBinding
  • Reactor
  • RijndaelManaged
  • x86

Block Information

Total Blocks: 18,251
Potentially Malicious Blocks: 1,007
Whitelisted Blocks: 12,311
Unknown Blocks: 4,933

Similar Families

  • MSIL.Downloader.Agent.A

Windows API Usage

Category: User Data Access
  • GetUserDefaultLocaleName
  • GetUserObjectInformation
