Win32/Kryptik.ARTR
Posted: January 23, 2013
| Threat Level: | 9/10 |
|---|---|
| Infected PCs: | 40 |
| First Seen: | January 23, 2013 |
| Last Seen: | July 16, 2023 |
| OS(es) Affected: | Windows |
Win32/Kryptik.ARTR is a Trojan that's distributed through spam e-mail messages that currently target enthusiasts of the prominent e-commerce site Pixmania.com. Although Win32/Kryptik.ARTR has not been fully analyzed, SpywareRemove.com malware researchers note that Win32/Kryptik.ARTR bears strong structural similarities to various Trojan downloaders that are used to install other malware while simultaneously compromising the security of the infected PC. The easiest way to ward off Win32/Kryptik.ARTR is to delete the Pixmania-themed e-mail messages that link to Win32/Kryptik.ARTR. If your computer does become infected by Win32/Kryptik.ARTR, an updated anti-malware scanner (preferably from a reputable brand) can remove Win32/Kryptik.ARTR, along with any other malware that Win32/Kryptik.ARTR may install without your permission.
Win32/Kryptik.ARTR: a Lesson in Not Trusting Everything that's Offered for Free
Like many Trojans before it, Win32/Kryptik.ARTR uses e-mail spam to distribute itself to new PCs, with recipients seemingly being selected arbitrarily (as opposed to targeting specific companies or individuals). These e-mail messages claim to offer a free voucher for the popular Pixmania.com website, with a link to the supposed 'free' hundred Euro deal. However, the link actually leads to a malicious Windows screensaver file (the SCR file type) which installs Win32/Kryptik.ARTR.
SpywareRemove.com malware researchers note two major lessons that can be derived from this. First, e-mail spam still makes heavy use of embedded HTML links for distributing malware. Second, screensaver files, despite their relatively outdated nature, are still exploited by malware authors and can be as dangerous to your PC as any other type of executable file. Nonetheless, it can be hoped that most PC users will not fall for this scam and will delete Win32/Kryptik.ARTR's e-mails without following the malicious link.
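Both lessons can be turned into a mail-filtering check. The Python below is an added example, not code from SpywareRemove.com or any product named on this page: it walks the HTML parts of a message and reports every embedded link whose URL path names an executable file type such as SCR. The function names, the extension list and the sample message are assumptions constructed for illustration.

```python
from email import message_from_bytes, policy
from html.parser import HTMLParser
from pathlib import PurePosixPath
from urllib.parse import unquote, urlsplit

# Extensions Windows launches as programs; a .scr file is an ordinary executable.
EXECUTABLE_EXTS = {".scr", ".exe", ".pif", ".com", ".bat", ".cmd"}

class LinkCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element in an HTML body."""
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def risky_links(raw_message: bytes) -> list:
    """Return one finding per link whose URL path names an executable file."""
    msg = message_from_bytes(raw_message, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        collector = LinkCollector()
        collector.feed(part.get_content())
        for href, text in collector.links:
            url = urlsplit(href)
            # Use only the path, so query strings and %-encoding cannot hide the type.
            ext = PurePosixPath(unquote(url.path)).suffix.lower()
            if ext in EXECUTABLE_EXTS:
                findings.append({"host": url.hostname, "ext": ext, "text": text})
    return findings

# Constructed sample message (not taken from a real campaign).
SAMPLE = (
    b"From: promo@example.invalid\nSubject: Free voucher\n"
    b"MIME-Version: 1.0\nContent-Type: text/html; charset=utf-8\n\n"
    b'<p><a href="https://www.pixmania.com/">Pixmania</a></p>\n'
    b'<p><a href="http://mail.example.invalid/promo/Voucher%2ESCR?id=1">Get voucher</a></p>\n'
)
if __name__ == "__main__":
    print(risky_links(SAMPLE))
```

A gateway could quarantine any message for which `risky_links` returns a non-empty list; the check looks only at where a link points, so it does not depend on the malware already being known to a signature database.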
When You Reach for Win32/Kryptik.ARTR's Counterfeit Euros with Open Arms
If you or another user of your PC has fallen for the aforementioned Pixmania.com scam and followed the web link, you should consider your computer to be compromised by Win32/Kryptik.ARTR. Some attacks that SpywareRemove.com malware experts associate with PC threats similar to Win32/Kryptik.ARTR Trojans include loss of confidential information, changes to your security settings, disabled applications and/or the installation of a variety of specialized malware (such as ransomware Trojans, browser hijackers or adware).
Because Win32/Kryptik.ARTR and its e-mail attacks are both relatively new to the malware scene, Win32/Kryptik.ARTR has not yet been added to the databases of all major brands of anti-malware programs. Accordingly, using a reputable and completely updated anti-malware product is essential for detecting Win32/Kryptik.ARTR accurately and removing Win32/Kryptik.ARTR from your PC safely. Due to Win32/Kryptik.ARTR's role as an enabler of other attacks against any PC that Win32/Kryptik.ARTR infects, SpywareRemove.com malware experts suggest deleting Win32/Kryptik.ARTR as quickly as possible to minimize the loss of confidential information and potential damage to your PC.
Technical Details
File System Modifications
The following files were created in the system:

| File name | Size | MD5 | Detection count | File type | Mime Type | Group | Last Updated |
|---|---|---|---|---|---|---|---|
| socks.exe | 184.32 KB (184320 bytes) | d9f93384197ed2213d8c59efa1aed7de | 34 | Executable File | unknown/exe | Malware file | January 28, 2013 |
| 648b02cb624137faccd4310a860 | 65.53 KB (65536 bytes) | 648b02cb624137faccd4310a8602d579 | 33 | | | Malware file | January 28, 2013 |
| 1014e02e2ee8fc51ec5ee2cdd7ee5fb7 | 307.2 KB (307200 bytes) | 1014e02e2ee8fc51ec5ee2cdd7ee5fb7 | 32 | | | Malware file | January 28, 2013 |
| stheyoa6.dl | 143.36 KB (143360 bytes) | ce06410e605d6aca9dec2ec2396b4476 | 28 | | unknown/dl | Malware file | January 28, 2013 |
| ddmlxjwy.exe | 122.88 KB (122880 bytes) | 3f42268f7aee2362462fc384d01a13ab | 26 | Executable File | unknown/exe | Malware file | January 28, 2013 |
| voucher.scr | | | | | unknown/scr | Malware file | |