The Trojan.Win32.Injuke.sac is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.
Gridinsoft Anti-Malware
Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.
What Trojan.Win32.Injuke.sac virus can do?
- Behavioural detection: Executable code extraction – unpacking
- Yara rule detections observed from a process memory dump/dropped files/CAPE
- Creates RWX memory
- Enumerates running processes
- CAPE extracted potentially suspicious content
- Unconventionial language used in binary resources: Spanish (El Salvador)
- The binary likely contains encrypted or compressed data.
- Authenticode signature is invalid
- Deletes its original binary from disk
- Creates a copy of itself
- Anomalous binary characteristics
How to determine Trojan.Win32.Injuke.sac?
File Info:
name: F37DD72619DB8078E1F5.mlwpath: /opt/CAPEv2/storage/binaries/888ac286c287a5c318b44e984201764d8957f956f474c359793673e72d2f6680crc32: F76FABF0md5: f37dd72619db8078e1f5b828e77ffba1sha1: 22a3305407c3dfcafa3cda5776cede1710311929sha256: 888ac286c287a5c318b44e984201764d8957f956f474c359793673e72d2f6680sha512: 083a672c7d25449090e8da4a4900f021f85ecaf05244707cb3e601f642e6056b1ec398ff3227d85ec71ce61caaf48c68538bbcffa1c94f401245e05bc3525f47ssdeep: 192:ZFErVTwKmDeOVibGJH5KH5A9P6U2/odt0kuizQM7cxplTErc9ab8v:DE1wKHO8G5KZA9SU2+SpMgxplTH9aQtype: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1DC926CE27A7C1BA2DA57073E16A1890B4EF1733050BB8AC187E4551F5A9F69CFD14312sha3_384: 9e6a9e7a081b4138cf7cb83f3d6c5cbee035ff534e25b7f7ffe30eb7a1c34b499097c8144750facad368f5ec03704523ep_bytes: 6878b941a1f6d4660fbef364a1300000timestamp: 2005-03-14 18:37:27Version Info:
CompanyName: †SOFTWINudffeㄟ㌄臞伹㵃啭脹꿥癔店挩앶䏉ⱍ쫠䴯냆ᢄ쁑䄓⋦㬛芊惠ᗝ居荖᥆倠좁䡩옜璞ᐖ䂵ᷙ矕從뉃횔쯲‑퉀䅙枆姰鸴뻡컳ᄶudc06ꫠ꣖ꪨ뷸껋ﷄɭudabe汹撅㖧昗꺖ꋒ甬Я觐磊ԫ暭ude73脾薽먁䫦狺ꏸ䗲䩵̽ᖢ矓ꔭ捊걚፩ຳ㸃魖春렟︉ꍩ뗈udc45香dz輗蚽꽟䶛質籮䳘戺庁野ґ얬妕㇐᪺禕ž풥″汷ude9d⌠ᘙ㵘浭觜륱ꟽ慺媌褠喼ฮ냳㸺᭲傼ud86a댣浪刕ᘭ䅩⠫罾䎕먂㟽㍒歨䐆蚂⩇鸶ഞ큌◊㟹槩巸䬂란醤ꆀ⧘㍆䒠ᛱ遣ud899ﳁࠢ먛穢㦀鿾搦⁕倏⧚陰ᗦু쌔垘浙붿ϧ䮖櫒᠅⨵囋>䬰躡䝻ꓓ⃩裎▻㨑葇鶫垀撧뭉냁္誹閣麮Ԇ纙폽똥瞵딷떇暓ude1f푙观ꝋ伖⛹茳鿯︱銖裉城ặ林픧쑦拓⹙굽戆Ṷ酈殴퓘udd3budef2ူ妪䃫롟뇝涻䣍픘ud876⊽༫饍뵓坄ꆕ㕸၀ᥢ鹖豭ꡛ⯢儑笖쑪◕쑛빫텫芋眎눅謸蔬暵툰樲封ẛ弄坳驐㢗ힱ콇棛䴫켣婸廦釘ࡼudd18퇦⳾斍ⷉ甘翆穱捫䒵Nude20죩튭풝ㄉᰘњ⺻⪉霖埼ud93f⌈낹偗氲鷶:
Trojan.Win32.Injuke.sac also known as:
| Bkav | W32.AIDetect.malware2 |
| Elastic | malicious (high confidence) |
| DrWeb | Trojan.Siggen2.2443 |
| FireEye | Generic.mg.f37dd72619db8078 |
| McAfee | PWS-Zbot.gen.avx |
| Cylance | Unsafe |
| VIPRE | Trojan.FakeAlert |
| K7AntiVirus | Trojan ( 0055dd191 ) |
| Alibaba | Trojan:Win32/Kryptik.00b4286d |
| K7GW | Trojan ( 0055dd191 ) |
| CrowdStrike | win/malicious_confidence_100% (W) |
| BitDefenderTheta | Gen:NN.ZexaF.34212.bW0@auq2LrgG |
| Cyren | W32/FakeAlert.OG.gen!Eldorado |
| Symantec | ML.Attribute.HighConfidence |
| ESET-NOD32 | a variant of Win32/Kryptik.ASLG |
| TrendMicro-HouseCall | TSPY_ZBOT.SMZF |
| Cynet | Malicious (score: 100) |
| Kaspersky | Trojan.Win32.Injuke.sac |
| BitDefender | Gen:Variant.Zbot.10 |
| NANO-Antivirus | Virus.Win32.Gen.ccmw |
| MicroWorld-eScan | Gen:Variant.Zbot.10 |
| Tencent | Win32.Trojan.Zbot.Ecaf |
| Ad-Aware | Gen:Variant.Zbot.10 |
| Sophos | Mal/Generic-R + Mal/Zbot-IM |
| Comodo | Packed.Win32.Krap.hd@2nkc7n |
| Zillya | Trojan.Kryptik.Win32.1173736 |
| TrendMicro | TSPY_ZBOT.SMZF |
| McAfee-GW-Edition | BehavesLike.Win32.ZBot.mt |
| Emsisoft | Gen:Variant.Zbot.10 (B) |
| Ikarus | Trojan.Win32.Crypt |
| GData | Gen:Variant.Zbot.10 |
| Webroot | W32.Trojan.AntiAV.hsr |
| Avira | TR/Crypt.XPACK.Gen2 |
| Antiy-AVL | Trojan/Win32.SGeneric |
| Arcabit | Trojan.Zbot.10 |
| ZoneAlarm | Trojan.Win32.Injuke.sac |
| Microsoft | PWS:Win32/Zbot!rfn |
| TACHYON | Trojan/W32.Small.20480.JD |
| Acronis | suspicious |
| VBA32 | Trojan.Zeus.EA.01000 |
| ALYac | Gen:Variant.Zbot.10 |
| MAX | malware (ai score=100) |
| Malwarebytes | Malware.Heuristic.1003 |
| APEX | Malicious |
| Rising | Trojan.Kryptik!8.8 (CLOUD) |
| Yandex | Trojan.Kryptik!iOWuuULCqSc |
| SentinelOne | Static AI – Malicious PE |
| MaxSecure | Trojan.Malware.1728101.susgen |
| Fortinet | W32/ZBOT.SMZF!tr |
| Cybereason | malicious.619db8 |
| Panda | Generic Malware |
How to remove Trojan.Win32.Injuke.sac?
- Download and install GridinSoft Anti-Malware.
- Open GridinSoft Anti-Malware and perform a “Standard scan“.
- “Move to quarantine” all items.
- Open “Tools” tab – Press “Reset Browser Settings“.
- Select proper browser and options – Click “Reset”.
- Restart your computer.
Leave a Comment