K7 Detection Name | Affected OS | Prevalence | AV Definition Version |
---|---|---|---|
Trojan ( 005a6a451 ) | Windows | Low | 12.91.48549 |
MD5 | af6e384dfabdad52d43cf8429ad8779c |
SHA256 | f327c2b5ab1d98f0382a35cd78f694d487c74a7290f1ff7be53f42e23021e599 |
File Size | 4,563,640 bytes |
Packer Information | tect |
First Seen | 05-06-2023 |
Last Seen | 21-04-2024 |
Aliases | Win64/GenKryptik.GKGU |

Behavior Details

1. Dropped files: oobeldr.exe, under the folder C:\Users\<user_name>\AppData\Roaming\Microsoft\Protect
2. Dropped files: Report.wer.tmp, Report.wer, under the folder C:\ProgramData\Microsoft\Windows\WER\ReportQueue\NonCritical_x64_e317d1ce19fa961dfda531fc4a2c595260922c_cab_052972aa
3. Dropped files: Endpoint, under the folder \Device\Afd
4. Dropped files: RasAcd, under the folder \Device
5. Dropped files: Telemetry Logging, under the folder C:\Windows\sysnative\Tasks
6. Dropped files: ValidationTask, ValidationTaskDeadline, under the folder C:\Windows\sysnative\Tasks\Microsoft\Windows\Windows Activation Technologies

Removal Instructions

1. Update the copy of K7 security to the latest version.
2. Scan the system completely and remove the detected files.
3. Restart the machine.