| K7 Detection Name | Affected OS | Prevalence | AV Definition Version |
|---|---|---|---|
| Trojan ( 006ddf461 ) | Windows | Low | 14.51.59454 |
| MD5 | 61ba7071eb63f7cb6a4d71d14508718a |
| SHA256 | b912971e6d356c0f765317a8734fbfc6a7072ad9d661c210c3f90926ff101860 |
| File Size | 678,200 bytes |
| Packer Information | N/A |
| First Seen | 09-05-2026 |
| Last Seen | 28-05-2026 |
| Aliases | Kryptik.HZHD |
Behavior Details
1. Creates Registry:
Adds data 1 under HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
Adds data 1 under HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
Adds data 1 under HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
Adds data 0 under HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
Removal Instructions
1. Update K7 security to the latest version.
2. Open Windows registry editor and delete the following keys:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\ProxyBypass
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\IntranetName
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\UNCAsIntranet
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\AutoDetect
3. Restart the machine.