MSIL/Injector.CYT information

MSIL/Injector.CYT is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL/Injector.CYT virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify MSIL/Injector.CYT?


File Info:

name: 3D3AAC906214D8A4A530.mlw
path: /opt/CAPEv2/storage/binaries/03f1bb92e78a20c328865e0838d4968709dc5f78a4aec5f79019ed5de7f663c9
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2016-01-09 08:51:30

Version Info:

Translation: 0x0000 0x04b0
FileDescription: โปรแกรมคำนวณ Survey
FileVersion: 1.0.0.0
InternalName: โปรแกรมคำนวณ Survey.exe
LegalCopyright: Copyright © 2016
OriginalFilename: โปรแกรมคำนวณ Survey.exe
ProductName: โปรแกรมคำนวณ Survey
ProductVersion: 1.0.0.0
Assembly Version: 1.0.0.0

MSIL/Injector.CYT also known as:

Lionic: Trojan.Win32.FrauDrop.b!c
DrWeb: BackDoor.Bifrost.20759
Cylance: Unsafe
Sangfor: Trojan.Win32.FrauDrop.8
K7AntiVirus: Trojan ( 0055e39a1 )
K7GW: Trojan ( 0055e39a1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Injector.CYT
Paloalto: generic.ml
ClamAV: Win.Packed.Generic-9865070-0
Kaspersky: Trojan-Dropper.Win32.FrauDrop.akmoq
NANO-Antivirus: Trojan.Win32.Drop.dklzpw
Avast: Win32:Malware-gen
Comodo: Malware@#16q0suoqv4z6j
McAfee-GW-Edition: Artemis
Sophos: ML/PE-A
Jiangmin: TrojanDropper.FrauDrop.ajio
Kingsoft: Win32.Troj.Generic.v.(kcloud)
Microsoft: Trojan:Win32/Skeeyah.A!rfn
AhnLab-V3: Trojan/Win.Generic.C4779385
McAfee: Artemis!3D3AAC906214
APEX: Malicious
Tencent: Win32.Trojan-dropper.Fraudrop.Lkxu
Ikarus: Trojan.MSIL.Injector
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: MSIL/CYT!tr
AVG: Win32:Malware-gen
Panda: Trj/GdSda.A

How to remove MSIL/Injector.CYT?

MSIL/Injector.CYT removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – press “Reset Browser Settings”.
  • Select the proper browser and options – click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
