Trojan.Win32.Kryptik.ake
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Popularity Rank: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 90 % (High) |
| Infected Computers: | 792 |
| First Seen: | July 25, 2013 |
| Last Seen: | May 15, 2026 |
| OS(es) Affected: | Windows |
Trojan.Win32.Kryptik.ake Image
It is not uncommon for cyber criminals to launch threats related to rare & special events that attract the interest of millions of people. The reason for this is that this way it is much easier to attract the attention of the average computer user, as well as it makes it easier for them to spread their hostile software such as the Trojan.Win32.Kryptik.ake.
An application recognized by anti-virus software as Trojan.Win32.Kryptik.ake is known to rely on such an event to spread itself. As you have possibly heard, the Duke and Duchess of Cambridge, Kate and William, had their first baby recently, and this is news that concerns millions of people across the world. While most people were eager to learn the latest news regarding this notorious event, a group of ill-minded people saw it as a chance to spread the Trojan.Win32.Kryptik.ake that may turn out to be a potentially dangerous application for most computer systems.
Table of Contents
How is Trojan.Win32.Kryptik.ake Distributed?
Trojans are usually distributed via a broad range of methods such as spam emails masked as legitimate software, fake application updates, etc. In the case of Trojan.Win32.Kryptik.ake, the primary method of distribution is via a spam email message that supposedly offers the user access to interesting video & news regarding the royal baby that the Duke and Duchess of Cambridge had. Nevertless, once the PC user access one of the links and videos in the email message, they may be prompted to install a fake Flash Player update that is used to mask the Trojan.Win32.Kryptik.ake threat. If you run this file, your system may be infected with Trojan.Win32.Kryptik.ake, a potential threat that may give scammers access to your personal data and files stored on your computer.
In order to avoid PC infections, you must take more care when reviewing your email inbox. If you have messages coming from suspicious senders, or if they contain information that doesn't necessarily concern you, it may be an attempt to infect your machine with the Trojan.Win32.Kryptik.ake or another computer threat. You also should be alert for is shady links that ask you to download files or offer updates to existing Windows applications and drivers. In most cases, such messages & offers are completely fake, and their sole purpose is to trick you into downloading executable files that may contain Trojan.Win32.Kryptik.ake or other computer threats.
Why is Trojan.Win32.Kryptik.ake a Threat?
The first sign that shows us that Trojan.Win32.Kryptik.ake is in fact a dangerous computer threat is the fact you can't remove it easily. Once run, the Trojan will spread its files across several system folders, create custom registry entries, start several process, and inject itself into system processes as well. Apart from this, it will also reinstall itself constantly in case some of its files are deleted, so dealing with this threat can turn out to be quite tricky, especially if you can't rely on the support of certified security experts.
Security specialists report that Trojan.Win32.Kryptik.ake implements special self-preserving techniques that give it the ability to mask itself from most modern anti-virus software suites. It may also block the protection modules of many system security tools, so it is safe to say that this is an intrusive application that will try to infect your computer at all costs.
What can Trojan.Win32.Kryptik.ake Do?
Unfortunately, there still isn't 100% confirmation on all of Trojan.Win32.Kryptik.ake's capabilities, but security experts report that it Trojan.Win32.Kryptik.ake may be able to damage computer systems severely, as well as cause a lot of annoyance to the user. Supposedly, these are some of the dangers that this threat possesses:
- May open security holes that may be used by other threatening software.
- May grant system access to cybercrooks.
- May download & install other types of threats.
- May cause sluggish computer performance.
- May corrupt important system files.
- May cause data loss.
- May disable popular anti-virus software suites & cloak itself from their scanners.
- May reveal personal data & files to 3rd-party people.
Although it is not sure that the Trojan.Win32.Kryptik.ake will do those things to your system, we still advise you to consider this as a threat that should be erased immediately.
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | update_flash_player.exe |
System Messages
The following system messages may be associated with Trojan.Win32.Kryptik.ake:
Washington (CNN)— What will the Obamas get the royal wee one? Sources say it’s a topic under discussion in the White House and at the State Department. |
Analysis Report
General information
| Family Name: | Trojan.Kryptik.D |
|---|---|
| Signature status: | No Signature |
Known Samples
Known Samples
This section lists other file samples believed to be associated with this family.|
MD5:
e88b410b357bf221022d1064d62da991
SHA1:
764d79abdaf8344de221f2456f6a629e26d6a3ca
SHA256:
606C295454D08B5CAE1ABC53EB5746A3C69CBC18F7DDEA5B4DCC2DFB1B682318
File Size:
516.10 KB, 516096 bytes
|
Windows Portable Executable Attributes
- File doesn't have "Rich" header
- File doesn't have debug information
- File doesn't have exports table
- File doesn't have relocations information
- File doesn't have security information
- File is 32-bit executable
- File is either console or GUI application
- File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
- File is Native application (NOT .NET application)
- File is not packed
Show More
- IMAGE_FILE_DLL is not set inside PE header (Executable)
- IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)
File Icons
File Icons
This section displays icon resources found within family samples. Malware often replicates icons commonly associated with legitimate software to mislead users into believing the malware is safe.
Windows PE Version Information
Windows PE Version Information
This section displays values and attributes that have been set in the Windows file version information data structure for samples within this family. To mislead users, malware actors often add fake version information mimicking legitimate software.| Name | Value |
|---|---|
| Company Name | Krzysztof Kowalczyk |
| File Description | SumatraPDF |
| File Version | 3.1.2 |
| Legal Copyright | Copyright 2006-2016 all authors (GPLv3) |
| Original Filename | SumatraPDF.exe |
| Product Name | SumatraPDF |
| Product Version | 3.1.2 |
File Traits
- HighEntropy
- x86
Block Information
Block Information
During analysis, EnigmaSoft breaks file samples into logical blocks for classification and comparison with other samples. Blocks can be used to generate malware detection rules and to group file samples into families based on shared source code, functionality and other distinguishing attributes and characteristics. This section lists a summary of this block data, as well as its classification by EnigmaSoft. A visual representation of the block data is also displayed, where available.| Total Blocks: | 14 |
|---|---|
| Potentially Malicious Blocks: | 6 |
| Whitelisted Blocks: | 3 |
| Unknown Blocks: | 5 |
Visual Map
? - Unknown Block
x - Potentially Malicious Block
