About “Trojan.InjukePMF.S21918341” infection


The Trojan.InjukePMF.S21918341 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.InjukePMF.S21918341 virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Attempts to connect to a dead IP:Port (2 unique times)
  • Presents an Authenticode digital signature
  • Creates RWX memory
  • A process created a hidden window
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Chinese (Singapore)
  • The binary likely contains encrypted or compressed data.
  • Looks up the external IP address
  • Executed a process and injected code into it, probably while unpacking
  • Anomalous binary characteristics

Related domains:

api.ipify.org

How to identify Trojan.InjukePMF.S21918341?


File Info:

crc32: AF50E44E
md5: 3bb9f7915dedb8d06acaf1b059f381ec
name: 3BB9F7915DEDB8D06ACAF1B059F381EC.mlw
sha1: 56196d6bfaecb7070d377e85d1d9d240ea18f2d1
sha256: 0c930f3824ae611a44a1c821497548b47a56fd8967fffe7ed6e979f99f83e85f
sha512: f36fb0cd1ba254f53fd13a4e8373602c3acdf3df167a337571ec662eecb0f88415adacaa98f3254c5294b70d6583bf6971a21165c597a89c3e25acf5959ffb8b
ssdeep: 12288:sNR5i+fRCv4CaljuRQ85TepY/N89XYx/IYMW0rwrsu:Ki+fv52QZcMXYx/zh3
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x020b 0x0085

Trojan.InjukePMF.S21918341 also known as:

K7AntiVirus: Riskware ( 00584baa1 )
Elastic: malicious (high confidence)
DrWeb: Trojan.MulDrop18.28324
MicroWorld-eScan: Trojan.GenericKDZ.77082
CAT-QuickHeal: Trojan.InjukePMF.S21918341
McAfee: Packed-GDT!3BB9F7915DED
Cylance: Unsafe
Zillya: Trojan.Injuke.Win32.22836
CrowdStrike: win/malicious_confidence_90% (W)
K7GW: Riskware ( 00584baa1 )
Cyren: W32/Kryptik.EYC.gen!Eldorado
Symantec: Packed.Generic.525
ESET-NOD32: a variant of Win32/Kryptik.HMCJ
APEX: Malicious
Avast: Win32:PWSX-gen [Trj]
Kaspersky: HEUR:Trojan.Win32.Injuke.gen
BitDefender: Trojan.GenericKDZ.77082
Ad-Aware: Trojan.GenericKDZ.77082
Sophos: Mal/Generic-S
BitDefenderTheta: Gen:NN.ZexaF.34170.GqZ@a0AR5WpH
TrendMicro: TROJ_GEN.R06CC0DHH21
McAfee-GW-Edition: Packed-GDT!3BB9F7915DED
FireEye: Generic.mg.3bb9f7915dedb8d0
Emsisoft: Trojan.Crypt (A)
SentinelOne: Static AI – Malicious PE
Avira: TR/AD.MalwareCrypter.nylpk
eGambit: PE.Heur.InvalidSig
Microsoft: Ransom:Win32/StopCrypt.MGK!MTB
SUPERAntiSpyware: Trojan.Agent/Gen-Injuke
ZoneAlarm: HEUR:Trojan.Win32.Injuke.gen
GData: Trojan.GenericKDZ.77082
AhnLab-V3: Trojan/Win.Raccrypt.R437574
Acronis: suspicious
VBA32: TrojanPSW.Racealer
MAX: malware (ai score=84)
Malwarebytes: Trojan.Downloader
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R06CC0DHH21
Rising: Malware.Obscure/Heur!1.A89F (CLASSIC)
Ikarus: Trojan.Win32.Azorult
Fortinet: W32/Kryptik.HMEJ!tr
AVG: Win32:PWSX-gen [Trj]

How to remove Trojan.InjukePMF.S21918341?

Trojan.InjukePMF.S21918341 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
