Troj/Inject-JDR removal guide

Troj/Inject-JDR is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows a complete scan and cure of your PC during the trial period.
6-day free trial available.

What can the Troj/Inject-JDR virus do?

  • A file was accessed within the Public folder.
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Touches a file containing cookies, possibly for information gathering

How to identify Troj/Inject-JDR?

File Info:

name: 47AF4970D795A194B963.mlw
path: /opt/CAPEv2/storage/binaries/90c75e16c457bcd000d77d6d39d58be17f4015c1377c9aa4e5de5450d44d6a92
crc32: BDF67DBE
md5: 47af4970d795a194b9630a4ad0a52cb1
sha1: a82a6bc81345602abb9428dcbb5c49a1f73cdef4
sha256: 90c75e16c457bcd000d77d6d39d58be17f4015c1377c9aa4e5de5450d44d6a92
sha512: d46598f50a1695ccd67b4798c32645175b0b6c8cd8891b45c4850b0c3e07525eec8f6c62e92050213edfafc60a50831a302bb2276c15b316a8243cf0f26ec4a8
ssdeep: 49152:YjuIGHXJLrduEyztsR7OQzQzAmjqamm173:YKI0dd/yzt67OU7ap
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1C6A5123AF1D08437D1236E7CCC5BA754A825BEE12D28608A7BE91C09DF39B9125263D7
sha3_384: b728f12bf5814734fd02d9e6610d05af9e9a36eb7e7385188e11f9ea44e653196f129b288e92ebb699f7f958c1b36ab2
ep_bytes: 55545d906a2890596a006a004975f953
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Troj/Inject-JDR also known as:

Bkav: W32.AIDetectMalware
AVG: Win32:MBRlock-DV [Trj]
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Symmi.34741
FireEye: Generic.mg.47af4970d795a194
CAT-QuickHeal: Trojan.GimemPMF.S24870139
Skyhigh: BehavesLike.Win32.Generic.tc
McAfee: GenericRXIP-BJ!47AF4970D795
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 00548e051 )
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.0d795a
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.ERFT
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Trojan.Mbrlock-9779766-0
Kaspersky: HEUR:Trojan.Win32.Agent.gen
BitDefender: Gen:Variant.Symmi.34741
NANO-Antivirus: Trojan.Win32.Dapato.bsjzfg
Avast: Win32:MBRlock-DV [Trj]
TACHYON: Trojan-Dropper/W32.Dapato.2079232
Sophos: Troj/Inject-JDR
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.DownLoader6.7779
VIPRE: Gen:Variant.Symmi.34741
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Symmi.34741 (B)
Ikarus: Trojan.Win32.Injector
Jiangmin: Trojan.Blocker.pkq
Varist: W32/Injector.OZVT-2500
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: GrayWare/Win32.Kryptik.ahho
Microsoft: Trojan:Win32/Injector.INK!MTB
Xcitium: TrojWare.Win32.Injector.HO@82j6jo
Arcabit: Trojan.Symmi.D87B5
ZoneAlarm: HEUR:Trojan.Win32.Agent.gen
GData: Win32.Trojan.PSE1.1QLX8M8
Google: Detected
AhnLab-V3: Dropper/Win32.Dapato.R83155
BitDefenderTheta: AI:Packer.285FEA2921
ALYac: Gen:Variant.Symmi.34741
MAX: malware (ai score=87)
VBA32: TrojanRansom.Blocker
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.Injector!1.DA56 (CLASSIC)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.11913.susgen
Fortinet: W32/Injector.AHHO!tr
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (D)

How to remove Troj/Inject-JDR?

Troj/Inject-JDR removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.