Trojan:MSIL/Injector.DK!MTB (file analysis)

The Trojan:MSIL/Injector.DK!MTB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Trojan:MSIL/Injector.DK!MTB virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine Trojan:MSIL/Injector.DK!MTB?


File Info:
name: 8E94BFC0FBD659EFB2ED.mlw
path: /opt/CAPEv2/storage/binaries/8ba9f816411f2b882972f76c1a72fd66ba8d9a89fe57b049d2bac5be512a7406
crc32: 346DAAB9
md5: 8e94bfc0fbd659efb2eddece3935fad3
sha1: 33f1ceef8bbebf5353005bdbb5457ee28f2b9522
sha256: 8ba9f816411f2b882972f76c1a72fd66ba8d9a89fe57b049d2bac5be512a7406
sha512: 49502f4b3a3c84c9febe8da4ff419f0aaeb3be2c56865052f6cd5a20d5ed4ebd9994d8bfb57ae323cef3c0af09496417aac378a2d8a708fc419bb2f3a9819f9b
ssdeep: 192:BgxfYM2DEbOp4S8Fu0hWWZ8daEowa+5SD8C4nTznRMeVkp8:VD58xZAJFTl2W
type: PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
tlsh: T13352EB1927E41622F06E17B99CF5469B0770DE825F73D70B1DD482032EA27B8DB12BAD
sha3_384: ec552bdb5bd8c9f5e9b727ea29b77dc5d465c762f724c2b1ec750dc3a2e9a723d18da581397b004f24c3e0689daae701
ep_bytes: ff250020400000000000000000000000
timestamp: 2024-01-15 21:05:55

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: srcdni_n.dll
LegalCopyright:  
OriginalFilename: srcdni_n.dll
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

Trojan:MSIL/Injector.DK!MTB also known as:

Bkav	W32.AIDetectMalware.CS
Lionic	Trojan.Win32.Generic.4!c
DrWeb	Trojan.Siggen5.9801
MicroWorld-eScan	Gen:Variant.Ursu.235202
Skyhigh	Artemis!Trojan
ALYac	Gen:Variant.Ursu.235202
Cylance	unsafe
Sangfor	Suspicious.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
Alibaba	Trojan:MSIL/Injector.42320034
K7GW	Trojan ( 700000121 )
K7AntiVirus	Trojan ( 700000121 )
Arcabit	Trojan.Ursu.D396C2
VirIT	Trojan.Win32.MSIL.CWA
Symantec	Trojan.Gen.MBT
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Injector.AVU
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Trojan.Win32.Generic
BitDefender	Gen:Variant.Ursu.235202
NANO-Antivirus	Trojan.Win32.Siggen5.exgxyo
Avast	MSIL:Injector-HH [Trj]
Emsisoft	Gen:Variant.Ursu.235202 (B)
F-Secure	Trojan.TR/Siggen.131332
VIPRE	Gen:Variant.Ursu.235202
Sophos	Mal/Generic-S
SentinelOne	Static AI – Malicious PE
Webroot	W32.Malware.Gen
Google	Detected
Avira	TR/Siggen.131332
Antiy-AVL	Trojan/Win32.Tgenic
Kingsoft	malware.kb.c.994
Xcitium	TrojWare.MSIL.Agent.AVU@54402b
Microsoft	Trojan:MSIL/Injector.DK!MTB
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Variant.Ursu.235202
Varist	W32/MSIL_Troj.BZ.gen!Eldorado
McAfee	Artemis!8E94BFC0FBD6
Panda	Trj/CI.A
Ikarus	Trojan.MSIL.Injector
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/Injector.AVU!tr
AVG	MSIL:Injector-HH [Trj]
DeepInstinct	MALICIOUS

How to remove Trojan:MSIL/Injector.DK!MTB?

Trojan:MSIL/Injector.DK!MTB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X