Trojan:Win32/CryptInject.PH!MTB removal tips

Trojan:Win32/CryptInject.PH!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan:Win32/CryptInject.PH!MTB virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Executed a process and injected code into it, probably while unpacking
  • Network activity detected but not expressed in API logs

How to identify Trojan:Win32/CryptInject.PH!MTB?


File Info:

crc32: 0B168D41
md5: df76ce48e6b2d93a4f9b8cf27af52c3e
name: DF76CE48E6B2D93A4F9B8CF27AF52C3E.mlw
sha1: 50757d9ee2ece69273554d9205608f100670e7c4
sha256: b38128805153bff95e8d055c1926281da88e6855fe31cee5994f8d71a7d2041b
sha512: 22f11f20f2f2bd9bbeb4077ec5532662e0e5e738c959e9c87ae8cd2b2f53272bd0918855e944b9e91dacda2c56bead1dc3b5081d5367143d6fb6fad13b084673
ssdeep: 12288:Itb20Qc3lT7af41ePBRYuQLKpqeUhbTv5OFgNuPPpHSgarJFiCeaqHpC6A:Itb20pkaCqT5TBWgNQ7arJFneTHpC6A
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0809 0x04b0

Trojan:Win32/CryptInject.PH!MTB is also known as:

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
ClamAV: Win.Packed.Nymeria-9865969-0
CAT-QuickHeal: TrojanPWS.AutoIT.Dclog.S
ALYac: Gen:Variant.Doina.23159
Malwarebytes: Malware.AI.2446018949
Cybereason: malicious.8e6b2d
Cyren: W32/AutoIt.QE.gen!Eldorado
Symantec: Packed.Generic.511
ESET-NOD32: a variant of Win32/Injector.DMUI
APEX: Malicious
Avast: Script:SNH-gen [Trj]
Cynet: Malicious (score: 99)
Kaspersky: Packed.Win32.Krap.im
BitDefender: Gen:Variant.Doina.23159
MicroWorld-eScan: Gen:Variant.Doina.23159
Ad-Aware: Gen:Variant.Doina.23159
BitDefenderTheta: AI:Packer.4D9C968B16
McAfee-GW-Edition: BehavesLike.Win32.Dropper.dh
FireEye: Gen:Variant.Doina.23159
Emsisoft: Gen:Variant.Doina.23159 (B)
Avira: HEUR/AGEN.1100054
Microsoft: Trojan:Win32/CryptInject.PH!MTB
ZoneAlarm: Packed.Win32.Krap.im
GData: Gen:Variant.Doina.23159
McAfee: Artemis!DF76CE48E6B2
MAX: malware (ai score=84)
Rising: Trojan.Injector/Autoit!1.C5B5 (CLASSIC)
Fortinet: AutoIt/Krap.IM!tr
AVG: Script:SNH-gen [Trj]

How to remove Trojan:Win32/CryptInject.PH!MTB?

Trojan:Win32/CryptInject.PH!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.