<< Back to Top Threats
K7 Detection Name Affected OS Prevalence AV Definition Version
Trojan ( 005a01531 ) Windows Low 12.72.47285
MD5

a42a3d1638d4a32f0c31db6ed7735d34

SHA256

c8d3029b521e37a8b60f97ccd34fa63c487979038b9846f8c50387b5c80d9a30

File Size

514,472 bytes

Packer Information

N/A

First Seen

15-03-2023

Last Seen

14-07-2023

Aliases

Win32/Kryptik.HSZA

Behavior Details

1. Creates Registry:

  Adds registry data
     C:\Users\John\AppData\Local\Temp\a42a3d1638d4a32f0c31.dat.exe

  Under the key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\a42a3d1638d4a32f0c31.dat.exe

Removal Instructions

1. Update the copy of K7 security to the latest version.
2. Open Windows registry editor.
3. Delete the registry data
     C:\Users\John\AppData\Local\Temp\a42a3d1638d4a32f0c31.dat.exe

   Under the key:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\a42a3d1638d4a32f0c31.dat.exe
4. Close the Windows registry.
5. Restart the machine.