K7 Detection Name | Affected OS | Prevalence | AV Definition Version |
---|---|---|---|
Trojan ( 005a01531 ) | Windows | Low | 12.72.47285 |
MD5 | a42a3d1638d4a32f0c31db6ed7735d34 |
SHA256 | c8d3029b521e37a8b60f97ccd34fa63c487979038b9846f8c50387b5c80d9a30 |
File Size | 514,472 bytes |
Packer Information | N/A |
First Seen | 15-03-2023 |
Last Seen | 14-07-2023 |
Aliases | Win32/Kryptik.HSZA |
Behavior Details
1. Creates Registry: Adds registry data C:\Users\John\AppData\Local\Temp\a42a3d1638d4a32f0c31.dat.exe Under the key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\a42a3d1638d4a32f0c31.dat.exe
Removal Instructions
1. Update the copy of K7 security to the latest version. 2. Open Windows registry editor. 3. Delete the registry data C:\Users\John\AppData\Local\Temp\a42a3d1638d4a32f0c31.dat.exe Under the key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce\a42a3d1638d4a32f0c31.dat.exe 4. Close the Windows registry. 5. Restart the machine.