Troj/Inject-JDR removal

Troj/Inject-JDR is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Troj/Inject-JDR virus do?

  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Touches a file containing cookies, possibly for information gathering

How to identify Troj/Inject-JDR?


File Info:

name: E9206A43B214DDAA92D1.mlw
path: /opt/CAPEv2/storage/binaries/7f355587913bbf8d3bbeebc0fd333902b1b6e70f72df747ecda9d013db599c32
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Troj/Inject-JDR is also known as:

Bkav: W32.AIDetectMalware
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Symmi.34741
ClamAV: Win.Trojan.Mbrlock-9779766-0
FireEye: Generic.mg.e9206a43b214ddaa
CAT-QuickHeal: Trojan.GimemPMF.S24870139
Skyhigh: BehavesLike.Win32.Generic.vc
McAfee: GenericRXIP-BJ!E9206A43B214
Malwarebytes: Generic.Malware.AI.DDS
Sangfor: Ransom.Win32.Save.a
K7AntiVirus: Trojan ( 00548e051 )
BitDefender: Gen:Variant.Symmi.34741
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/malicious_confidence_100% (D)
Arcabit: Trojan.Symmi.D87B5
BitDefenderTheta: AI:Packer.DC953A6A21
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Injector.ERFT
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Agent.gen
NANO-Antivirus: Trojan.Win32.Dapato.bsjzfg
Tencent: Trojan.Win32.Blocker.zg
Sophos: Troj/Inject-JDR
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.DownLoader6.7779
VIPRE: Gen:Variant.Symmi.34741
Trapmine: malicious.high.ml.score
Emsisoft: Gen:Variant.Symmi.34741 (B)
Ikarus: Trojan.Win32.Injector
Google: Detected
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: GrayWare/Win32.Kryptik.ahho
Xcitium: TrojWare.Win32.Injector.HO@82j6jo
Microsoft: Trojan:Win32/Injector.INK!MTB
ZoneAlarm: HEUR:Trojan.Win32.Agent.gen
GData: Gen:Variant.Symmi.34741
Varist: W32/Injector.OZVT-2500
AhnLab-V3: Dropper/Win32.Dapato.R83155
VBA32: TrojanRansom.Blocker
ALYac: Gen:Variant.Symmi.34741
MAX: malware (ai score=85)
DeepInstinct: MALICIOUS
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.Injector!1.DA56 (CLASSIC)
Yandex: Trojan.Injector!6XR9EGb/HqY
SentinelOne: Static AI – Malicious PE
Fortinet: W32/Injector.AHHO!tr
AVG: Win32:MBRlock-DV [Trj]
Cybereason: malicious.c50093
Avast: Win32:MBRlock-DV [Trj]

How to remove Troj/Inject-JDR?

Troj/Inject-JDR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
