Threat Database Trojans Trojan.MSIL.Krypt.GDTA

Trojan.MSIL.Krypt.GDTA

By CagedTech in Trojans

Table of Contents

Analysis Report

General information

Family Name:	Trojan.MSIL.Krypt.GDTA
Signature status:	No Signature

Known Samples

MD5: 6ad5dd11a3d40b88bbb66b1ec0d7a0bd

SHA1: 5422b1dd35279ca95f4d9f57a60b8cf7f8a70917

File Size: 594.94 KB, 594944 bytes

MD5: a1126bc5271d574e38e594212e02ab02

SHA1: 4585078cb497e40fb5496188c6c051c46d512de9

File Size: 594.94 KB, 594944 bytes

MD5: c9de4789fe857984c3e3950e42d80ef6

SHA1: 241e6acd2859dfc143fcfc425e862c04e0c619bc

File Size: 594.94 KB, 594944 bytes

MD5: dfce169de2dcfd3d39e5ee11a80655a4

SHA1: 3c7e59bbd2000ecbdf487dbef7ecdc7d35d27f36

SHA256: 9CA3D66113FD2B5AE776FE1732A105D891C0D389DFAD82E805FD63712F0603F0

File Size: 594.94 KB, 594944 bytes

MD5: f17b9016b9ca496893e7001d3e8cafbd

SHA1: eb2ad0ebaee2779c4a3410213d60a33b69875759

SHA256: 097EDC2A75540E99362C00690DCCED0356A16B67006A3E271BF926A3DA4C3415

File Size: 594.94 KB, 594944 bytes

Show More

MD5: 5a3356b8c6468e1c3c1b5bc9177dd424

SHA1: 925bdb28ed3d37a677a726f9613ae301af5e40e0

SHA256: 7488280ECF0FDAAD21F600D7422DFE91CB4479068E86E6CB262659C3B0F44A52

File Size: 594.94 KB, 594944 bytes

MD5: 0b093ee845861ac94428861455e7bad6

SHA1: 8e8a609c374afc2f01de967e143ecf24ba163031

SHA256: 33958E1CEBD9FA677C9E468E04A7728249C33459E2F9DB17B3FD318BEF53A829

File Size: 594.94 KB, 594944 bytes

MD5: 3379af9d77acdcab5999ae42fab737a0

SHA1: 7d922720c5a89868759800b76fac44d36a181469

SHA256: 02D19FBD476033CF26F623A6CE5BC4BC60A85DF3F934075B931098AED5609DD1

File Size: 594.94 KB, 594944 bytes

MD5: 01b014232d5e2e83bf26fa07da127b2d

SHA1: 795bf17b00ec40e96a3559fe9f409b221ab70b9c

SHA256: 9E5C6889044791A1EDA702FB1E125CD4C621FEC2F233D6D52D6897F86A19DC67

File Size: 594.94 KB, 594944 bytes

MD5: f6de2fa5a59142619d6dc7c46b016f31

SHA1: acb91bc86895345314b6f3bb6e1c8087f972fc53

SHA256: A7E4BCFC49FA8CD5EE02B2AC48E41DFF44663F71A7B0E0F270DFF616FC404F16

File Size: 594.94 KB, 594944 bytes

MD5: d90ac0843ecf7ce87d4cf2a7667c02e1

SHA1: 4cfb41c2dd8d35863d21c792bd751a5352f4cefc

SHA256: 4A31920FD7DC2E9B2334DBA1101E736222416847A72C3E6C878777830CA85530

File Size: 594.94 KB, 594944 bytes

MD5: 525449fb7d24e5c8b81f0f6ff07fea4f

SHA1: 3f71bfae59ea8587f31541f5211289d48e27f8a3

SHA256: B0FEC7EC3F6A8D3918664101F8EE5312654A8E5CD3D190C94CD0397F323C0EDA

File Size: 594.94 KB, 594944 bytes

MD5: d17f4d0c4d54b000e86b5d264bae1700

SHA1: 5ba3d427b39061a5317713ae531f9550ae110aba

SHA256: 776BF5D570E60B83B8BDE75AF2998F4DFE4F22AFD455702BB435F24EC29DAE8F

File Size: 594.94 KB, 594944 bytes

MD5: 6afd9c0e2db1f9d2b04e75234a8c2f76

SHA1: 8eb604594396ee1d703bfea7cf9c86b61958cc7a

SHA256: 92D6DAD64FFF234819F9FEB1206C36758457DC3AB637DBED1D41B6A2240F14A2

File Size: 594.94 KB, 594944 bytes

MD5: ed00fb1d60e7411f2e05917155b4daef

SHA1: d562e036597506e2e5088775c92c98e0a81232dd

SHA256: 743CEA7EDA11BB3AA11EAF9B80A0C31317EADE4C5B5938EBB73D3FD955B3BB29

File Size: 594.94 KB, 594944 bytes

MD5: ab04125231d50c87ee0b9d1d12171ae0

SHA1: d7235b2639ecb0d4b7e9c5a2a6bc6cf678390fc1

SHA256: 4F6A0781FF5EAF797AEA52AE758F3F9667B0860C2C1FBA082A82CCB39DE1C0D6

File Size: 594.94 KB, 594944 bytes

MD5: 31a9e957477da8f9085731da9991f5c9

SHA1: b3874c75b8ac768dd98b0c7b4fcfbd0dcef5f633

SHA256: A28CC641EAD12CBA67DE144F8729FDFF0694F2D5B135E5BA5C83C710E20B63AB

File Size: 594.94 KB, 594944 bytes

MD5: 44348e07afeaa5c4e2d87abe3af37fe1

SHA1: 8b9ea977a48fa5d3c47368db4296c3fd75533389

SHA256: D54C2F12AAD0C2C67F0FBDABCA271A14287C2964A986CA3196908711DA0D4A41

File Size: 594.94 KB, 594944 bytes

MD5: a90afce7a2bcdf44a23fbba24a57661b

SHA1: 7fbccdbf7628fcfb3c7997a85c26abeb1ff695c2

SHA256: F031C228D5867DCB358CBB523E632942D3A99207C7D153FD99A21D4FE160BCBC

File Size: 594.94 KB, 594944 bytes

MD5: 2fe137f31ffac908052bd0a71adbf968

SHA1: 5f440946e7646d2afa8be28e938f49a64af8eaf5

SHA256: C8B7F17092DB49344DEDA92181494CAADBCE3FF2E5B5D807BAEEF4AC84655E2E

File Size: 596.99 KB, 596992 bytes

Windows Portable Executable Attributes

File doesn't have "Rich" header
File doesn't have debug information
File doesn't have exports table
File doesn't have resources
File doesn't have security information
File is .NET application
File is 32-bit executable
File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
File is either console or GUI application
File is not packed

Show More

IMAGE_FILE_DLL is not set inside PE header (Executable)
IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

.NET
No Version Info
x86

Block Information

Total Blocks:	35
Potentially Malicious Blocks:	19
Whitelisted Blocks:	16
Unknown Blocks:	0

Visual Map

0 0 x x x x x x x x x x x 0 0 0 0 0 x x 0 0 0 0 0 0 0 x x 0 x 0 x x x

0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

MSIL.Krypt.GDTA

Windows API Usage

Category

API

Syscall Use

ntdll.dll!NtAlertThreadByThreadId
ntdll.dll!NtAlpcSendWaitReceivePort
ntdll.dll!NtClearEvent
ntdll.dll!NtClose
ntdll.dll!NtCreateEvent
ntdll.dll!NtCreateFile
ntdll.dll!NtCreateMutant
ntdll.dll!NtCreatePrivateNamespace
ntdll.dll!NtCreateSection
ntdll.dll!NtCreateThreadEx

Show More

ntdll.dll!NtDeviceIoControlFile
ntdll.dll!NtDuplicateObject
ntdll.dll!NtEnumerateKey
ntdll.dll!NtEnumerateValueKey
ntdll.dll!NtFreeVirtualMemory
ntdll.dll!NtMapViewOfSection
ntdll.dll!NtOpenDirectoryObject
ntdll.dll!NtOpenEvent
ntdll.dll!NtOpenFile
ntdll.dll!NtOpenKey
ntdll.dll!NtOpenKeyEx
ntdll.dll!NtOpenProcess
ntdll.dll!NtOpenProcessToken
ntdll.dll!NtOpenSection
ntdll.dll!NtOpenThreadToken
ntdll.dll!NtProtectVirtualMemory
ntdll.dll!NtQueryAttributesFile
ntdll.dll!NtQueryDefaultLocale
ntdll.dll!NtQueryDirectoryFileEx
ntdll.dll!NtQueryFullAttributesFile
ntdll.dll!NtQueryInformationFile
ntdll.dll!NtQueryInformationJobObject
ntdll.dll!NtQueryInformationProcess
ntdll.dll!NtQueryInformationThread
ntdll.dll!NtQueryInformationToken
ntdll.dll!NtQueryKey
ntdll.dll!NtQueryLicenseValue
ntdll.dll!NtQueryPerformanceCounter
ntdll.dll!NtQuerySecurityAttributesToken
ntdll.dll!NtQuerySecurityObject
ntdll.dll!NtQuerySystemInformation
ntdll.dll!NtQuerySystemInformationEx
ntdll.dll!NtQueryValueKey
ntdll.dll!NtQueryVirtualMemory
ntdll.dll!NtQueryVolumeInformationFile
ntdll.dll!NtQueryWnfStateData
ntdll.dll!NtReadFile
ntdll.dll!NtReadRequestData
ntdll.dll!NtReleaseMutant
ntdll.dll!NtReleaseWorkerFactoryWorker
ntdll.dll!NtResumeThread
ntdll.dll!NtSetEvent
ntdll.dll!NtSetInformationKey
ntdll.dll!NtSetInformationProcess
ntdll.dll!NtSetInformationThread
ntdll.dll!NtSetInformationWorkerFactory
ntdll.dll!NtSubscribeWnfStateChange
ntdll.dll!NtTestAlert
ntdll.dll!NtTraceControl
ntdll.dll!NtUnmapViewOfSection
ntdll.dll!NtUnmapViewOfSectionEx
ntdll.dll!NtWaitForAlertByThreadId
ntdll.dll!NtWaitForSingleObject
ntdll.dll!NtWaitForWorkViaWorkerFactory
ntdll.dll!NtWaitLowEventPair
ntdll.dll!NtWorkerFactoryWorkerReady
ntdll.dll!NtWriteFile
UNKNOWN

User Data Access

GetComputerNameEx
GetUserDefaultLocaleName
GetUserObjectInformation

Trending

Ice Open Network (IOP) Airdrop

March 18, 2026

The modern web offers convenience and opportunity, but it also provides fertile ground for cybercriminals. Exercising caution while browsing is no longer optional, it is essential. Fraudulent...

Your Account Is Secure & Ready Email Scam

March 18, 2026

Unexpected emails that appear to confirm account safety can be deceptively reassuring, but that is exactly what makes them dangerous. Cybersecurity professionals consistently emphasize that users must remain vigilant when handling unsolicited messages, especially those involving account credentials. The so-called 'Your Account Is Secure & Ready' email scam is a prime example of how...

ValidVersion.app

Mac Malware, Adware, Potentially Unwanted Programs

March 20, 2026

Protecting your Mac from intrusive and untrustworthy applications is not just good practice, it is essential for maintaining your privacy, security, and overall system performance. Potentially...

Most Viewed

How To Fix 'Printer Driver is Unavailable' Error

June 29, 2021 35,184

Printers are notorious for refusing to do their job whenever the user needs it the most. Luckily, if your printer is displaying the Printer Driver is Unavailable' error, then there are a couple of...

Pornktube.porn

December 28, 2023 33,210

Analysis Report General information Family Name: Trojan.MSIL.Krypt.GDTA Signature status: No Signature Known Samples i Known Samples This section lists other file samples believed to be associated...

Discord Shows Black Screen when Sharing Screen screenshot

Discord Shows Black Screen when Sharing Screen

June 21, 2021 29,414

When it first launched, Discord was a VoIP platform geared toward the gaming community. However, in the following years, it expanded its scope, added numerous new features, and became one of the...

Loading...