Trojan.Win32.DiskWriter.ifj removal instruction

The Trojan.Win32.DiskWriter.ifj is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.DiskWriter.ifj virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Dynamic (imported) function loading detected
  • A process created a hidden window
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes executed files from disk

How to identify Trojan.Win32.DiskWriter.ifj?


File Info:

name: BA491898F950B0BA6542.mlw
path: /opt/CAPEv2/storage/binaries/d7b6931c90756443c52895f989d288009e712870428e61f74ece840f76b91d95
crc32: 17C43892
md5: ba491898f950b0ba6542d5bb0aafd0eb
sha1: 44ca6fa68dd12106a6b6a4b3512d1b612b726712
sha256: d7b6931c90756443c52895f989d288009e712870428e61f74ece840f76b91d95
sha512: 5357a1addecf17812b812f78882bbfd41669ca8a2b6982aede12cdc092a5be03560d72ee68fb0e7d79011c56084984eb429b50f800ac9fcd45b4856f3a64ba53
ssdeep: 3072:Jq6+ouCpk2mpcWJ0r+QNTBfYUEJg1iUrns/KobZB+WyqkgaVKEp83Fe:Jldk1cWQRNTBAUEJgEEnCKoP+pxpgk
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1B114D044B2E641F7DAF2093210BA712F973667284B28E8D7C35C3D929553AC59A3C3ED
sha3_384: df8db3ab8dca7484e6d8e1ac19100d96582abd649091bf2af84a843024f21fbb5c1f1bc57ecc2bc7f093c4cb1c50b644
ep_bytes: 68ac00000068000000006810804100e8
timestamp: 2019-07-30 08:52:50

Version Info:

0: [No Data]

Trojan.Win32.DiskWriter.ifj also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Tiny.trFe
Cynet: Malicious (score: 100)
FireEye: Generic.mg.ba491898f950b0ba
CAT-QuickHeal: PUA.RiskwarePMF.S7343609
McAfee: RDN/Generic.rp
Cylance: Unsafe
Zillya: Tool.Lazagne.Win32.102
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0058e0e81 )
Alibaba: Trojan:Win32/DiskWriter.b307de5f
K7GW: Trojan ( 0058e0e81 )
Cybereason: malicious.68dd12
VirIT: Trojan.Win32.Genus.IHW
Cyren: W32/Trojan.VFBA-8001
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: Win32/KillDisk.NCU
TrendMicro-HouseCall: TROJ_GEN.R011C0WE322
Paloalto: generic.ml
Kaspersky: Trojan.Win32.DiskWriter.ifj
BitDefender: Trojan.GenericKD.39590795
MicroWorld-eScan: Trojan.GenericKD.39590795
Avast: Win32:WormX-gen [Wrm]
Rising: Trojan.Generic@AI.98 (RDML:6sh9nZKbIwzhF+uU4oXg/g)
Ad-Aware: Trojan.GenericKD.39590795
Emsisoft: Trojan.GenericKD.39590795 (B)
VIPRE: Trojan.GenericKD.39590795
TrendMicro: TROJ_GEN.R011C0WE322
McAfee-GW-Edition: BehavesLike.Win32.Generic.cc
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan.Win32.KillDisk
GData: Trojan.GenericKD.39590795
Antiy-AVL: Trojan/Generic.ASMalwS.50F5
Arcabit: Trojan.Generic.D25C1B8B
Microsoft: Trojan:Win32/Wacatac.B!ml
AhnLab-V3: Worm/Win.WormX-gen.C5106348
ALYac: Trojan.GenericKD.39590795
MAX: malware (ai score=82)
Malwarebytes: Malware.AI.392946571
APEX: Malicious
Tencent: Win32.Trojan.Diskwriter.Pfsz
Yandex: Trojan.DiskWriter!hf6Pg0s9t5g
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/KillDisk.NCU!tr
AVG: Win32:WormX-gen [Wrm]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_70% (W)

How to remove Trojan.Win32.DiskWriter.ifj?

Trojan.Win32.DiskWriter.ifj removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
