Trojan.Kryptik.Gen.DBQ

By CagedTech in Trojans

Threat Scorecard

Popularity Rank: 5,758
Threat Level: 80 % (High)
Infected Computers: 38
First Seen: February 10, 2026
Last Seen: April 30, 2026
OS(es) Affected: Windows

Analysis Report

General information

Family Name: Trojan.Kryptik.Gen.DBQ
Signature status: No Signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have security information
  • File has exports table
  • File has TLS information
  • File is 64-bit executable
  • File is console application (IMAGE_SUBSYSTEM_WINDOWS_CUI)
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name
  • Basic Sun Limited
  • Cross Unit
  • Crystal Customer Fast BV
  • ElementDoor Technologies
  • Flow New Soft Investments
  • Gamma Nova Co
  • Geo-Fast Network
  • Global Uni Quad League
  • Grid Benchmark Wireless
  • MatrixFirst Co
  • Peak, Nova and Nexus Agency
  • PinnacleFireRed SA
  • Sequence Technologies
  • Solar Find PC
  • The Neutron Chain Sphere
  • Ultrastrong Mobile
  • ZetaSage Zone
File Description
  • Approach Allow Divide
  • Canonical Life Framework
  • Cloud Advanced Integrated Plugin
  • Concurrent Impressive Handler
  • CRC Sales Continue Helper
  • Dashboard Template Collection Accelerator Layer
  • Deep Latency Handler
  • Family Segment Record Resume Converter
  • Fiber Brush Human Consolidator Layer
  • Heart Firmware Library
  • Import Design Module
  • Innovative Bespoke Orchestration Pack Helper
  • Module Notify Engine
  • Network ARQ Combined Pause Adapter
  • Plugin Large Graphs Output Handler
  • Router Get Adapter
  • Straightforward Setup Layer
File Version
  • 19.6.34.525
  • 16.10.17.674
  • 11.8.33.230
  • 10.14.27.597
  • 7.6.12.92
  • 5.8.4.76
  • 5.3.84.996
  • 4.4.2.144
  • 3.12.41.507
  • 3.5.7.28
  • 3.4.18.3
  • 3.1.7.27
  • 2.10.49.963
  • 2.8.7.79
  • 2.5.2.39
  • 2.2.29.212
  • 1.5.22.198
Internal Name
  • auth51
  • chrome_elf
  • cloud_assembler
  • encoder_laboratory
  • FileResolver
  • format_logistics_plug
  • helper_8c44
  • magnificentgovernor
  • micro_automation
  • piece_fullstack
  • runtime_bf786
  • sqlite
  • stack_disconnect
  • tuple_orig
Legal Copyright
  • (C) 2012 - 2019 Flow New Soft Investments
  • (C) 2020 - 2020 MatrixFirst Co
  • (C) 2021 Ultrastrong Mobile. All rights reserved.
  • (C) 2026 Basic Sun Limited
  • (C) 2026 Gamma Nova Co
  • 2022 Sequence Technologies. All Rights Reserved.
  • 2024 Global Uni Quad League. All Rights Reserved.
  • Copyright (c) 2019 by Geo-Fast Network
  • Copyright (C) 2019-2025 Cross Unit
  • Copyright (c) 2022 by Grid Benchmark Wireless
  • Copyright (C) 2022 ZetaSage Zone
  • Copyright 2020, 2020 Solar Find PC
  • Copyright 2021. PinnacleFireRed SA
  • Copyright 2022 Crystal Customer Fast BV
  • Copyright 2025. The Neutron Chain Sphere
  • ElementDoor Technologies Copyright 2023-2024
  • Peak, Nova and Nexus Agency (C) 2021
Original Filename
  • auth51
  • chrome_elf
  • cloud_assembler
  • encoder_laboratory
  • FileResolver
  • format_logistics_plug
  • helper_8c44
  • magnificentgovernor
  • micro_automation
  • piece_fullstack
  • runtime_bf786.dll
  • sqlite
  • stack_disconnect
  • tuple_orig
Product Name
  • Band Resistance Fog Miner
  • Begin Reminder
  • Bio Prime Pattern Divider
  • Brave Engine Typical Collector
  • Chorus Certified Perceptive Binder
  • Deal Mixer Resolver
  • Facade Tuple Attacher
  • Index Reliable Member Viewer
  • Insights Piece
  • ObserverBone Exceptional Portal
  • Observer Innovative Repair
  • Path Frank Dicer
  • Premier Distort Highlighter
  • Sage Facade Natural Snapshot
  • Software Resume
  • Value Immediate Organizer
  • Volume Merged Tester
Product Version
  • 19.6.34.525
  • 15.4.46.31
  • 12.6.12.406
  • 11.4.4.325
  • 11.1.2.363
  • 10.1.14.66
  • 8.14.24.771
  • 8.7.39.60
  • 6.5.11.138
  • 5.4.1.259
  • 5.0.19.96
  • 4.4.30.861
  • 3.7.15.260
  • 3.1.7.27
  • 2.5.40.343
  • 2.2.53.511
  • 1.1.0.1

File Traits

  • big overlay
  • dll
  • fptable
  • HighEntropy
  • Installer Manifest
  • Installer Version
  • ntdll
  • x64

Block Information

Total Blocks: 615
Potentially Malicious Blocks: 78
Whitelisted Blocks: 411
Unknown Blocks: 126

Visual Map

[Per-block visual map not reproduced. Legend:]
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Agent.FTS
  • Agent.KUH
  • Agent.MIC
  • Agent.VYB
  • CobaltStrike.SVN
  • Injector.BIB
  • Injector.BUB
  • Kryptik.CTD
  • Kryptik.CTF
  • Kryptik.DEQ
  • Kryptik.GUB
  • LockScreen.AG
  • Lumma.JC
  • Marte.CP
  • Rozena.XV
  • ShellcodeRunner.RRB
  • Trojan.Agent.Gen.BCO
  • Trojan.Agent.Gen.BGO
  • Trojan.Agent.Gen.BNR
  • Trojan.Agent.Gen.BPF
  • Trojan.Downloader.Gen.KG
  • Trojan.Injector.Gen.GOC
  • Trojan.Kryptik.Gen.DBQ
  • Trojan.Kryptik.Gen.DKA
  • Trojan.Kryptik.Gen.DOM
  • Trojan.Kryptik.Gen.DUH
  • Trojan.Kryptik.Gen.DZH
  • Trojan.Kryptik.Gen.EAW
  • Trojan.Kryptik.Gen.EEG
  • Trojan.ShellcodeRunner.Gen.KE
  • Trojan.ShellcodeRunner.Gen.KI
  • Trojan.ShellcodeRunner.Gen.KS

Windows API Usage

Category API
Syscall Use
  • ntdll.dll!NtAccessCheck
  • ntdll.dll!NtAlertThreadByThreadId
  • ntdll.dll!NtAlpcSendWaitReceivePort
  • ntdll.dll!NtApphelpCacheControl
  • ntdll.dll!NtClose
  • ntdll.dll!NtConnectPort
  • ntdll.dll!NtCreateMutant
  • ntdll.dll!NtCreateSection
  • ntdll.dll!NtDuplicateObject
  • ntdll.dll!NtDuplicateToken
  • ntdll.dll!NtFreeVirtualMemory
  • ntdll.dll!NtMapViewOfSection
  • ntdll.dll!NtOpenFile
  • ntdll.dll!NtOpenKey
  • ntdll.dll!NtOpenKeyEx
  • ntdll.dll!NtOpenProcessToken
  • ntdll.dll!NtOpenProcessTokenEx
  • ntdll.dll!NtOpenSection
  • ntdll.dll!NtOpenSemaphore
  • ntdll.dll!NtOpenThreadTokenEx
  • ntdll.dll!NtProtectVirtualMemory
  • ntdll.dll!NtQueryAttributesFile
  • ntdll.dll!NtQueryDebugFilterState
  • ntdll.dll!NtQueryDirectoryFileEx
  • ntdll.dll!NtQueryInformationProcess
  • ntdll.dll!NtQueryInformationThread
  • ntdll.dll!NtQueryInformationToken
  • ntdll.dll!NtQueryKey
  • ntdll.dll!NtQueryPerformanceCounter
  • ntdll.dll!NtQuerySecurityAttributesToken
  • ntdll.dll!NtQuerySystemInformation
  • ntdll.dll!NtQueryValueKey
  • ntdll.dll!NtQueryVirtualMemory
  • ntdll.dll!NtQueryVolumeInformationFile
  • ntdll.dll!NtQueryWnfStateData
  • ntdll.dll!NtReadRequestData
  • ntdll.dll!NtReleaseMutant
  • ntdll.dll!NtReleaseSemaphore
  • ntdll.dll!NtReleaseWorkerFactoryWorker
  • ntdll.dll!NtRequestWaitReplyPort
  • ntdll.dll!NtSetEvent
  • ntdll.dll!NtSetInformationProcess
  • ntdll.dll!NtSetInformationVirtualMemory
  • ntdll.dll!NtSetInformationWorkerFactory
  • ntdll.dll!NtSubscribeWnfStateChange
  • ntdll.dll!NtTestAlert
  • ntdll.dll!NtTraceControl
  • ntdll.dll!NtUnmapViewOfSection
  • ntdll.dll!NtUnmapViewOfSectionEx
  • ntdll.dll!NtWaitForAlertByThreadId
  • ntdll.dll!NtWaitForSingleObject
  • ntdll.dll!NtWaitLowEventPair
  • ntdll.dll!NtWriteFile
  • ntdll.dll!NtYieldExecution
  • UNKNOWN
Encryption Used
  • BCryptOpenAlgorithmProvider
Anti Debug
  • OutputDebugString
