
Trojan:Win32/DelfInject.SRA!MTB removal tips


Trojan:Win32/DelfInject.SRA!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/DelfInject.SRA!MTB virus do?

  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Harvests cookies for information gathering
  • Anomalous binary characteristics
  • Unusual version info supplied for binary

How to identify Trojan:Win32/DelfInject.SRA!MTB?


File Info:

name: D4C522939DCF93081AAF.mlw
path: /opt/CAPEv2/storage/binaries/26973a90a221f110382fa619976b214f23b2210e4fcb4f7154cc35becc0f3e17
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

FileVersion: 44.2.0.0
Comments: Microsoft Word Invoice
FileDescription: Micro Business
LegalCopyright: Copyright ©2013 Microsoft Word Invoice All Rights Reserved.
CompanyName: www.Micro Business.org
HomePage: Microsoft Word Invoice
Author: Microsoft
Translation: 0x0809 0x04b0

Trojan:Win32/DelfInject.SRA!MTB also known as:

Lionic: Trojan.Multi.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.48260246
FireEye: Trojan.GenericKD.48260246
McAfee: GenericRXAA-AA!D4C522939DCF
Malwarebytes: Spyware.PasswordStealer
Zillya: Trojan.Injector.Win32.1487468
Sangfor: Riskware.Win32.Agent.ky
K7AntiVirus: Trojan ( 0058cfb91 )
Alibaba: Trojan:Win32/Injector.5477a2ae
K7GW: Trojan ( 0058cfb91 )
BitDefenderTheta: Gen:NN.ZelphiCO.34212.5K0@aOwqV8ji
VirIT: Trojan.Win32.PSWStealer.DFM
Cyren: W32/Injector.AUA.gen!Eldorado
Symantec: Scr.MalPbs!gen1
ESET-NOD32: a variant of Win32/Injector.EQXH
TrendMicro-HouseCall: TROJ_GEN.R002C0DB722
Kaspersky: HEUR:Trojan.Win32.Agentb.gen
BitDefender: Trojan.GenericKD.48260246
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.10d018cb
Ad-Aware: Trojan.GenericKD.48260246
Emsisoft: Trojan.GenericKD.48260246 (B)
TrendMicro: TROJ_GEN.R002C0DB722
McAfee-GW-Edition: BehavesLike.Win32.Worm.dc
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Injector
GData: Trojan.GenericKD.48260246
Webroot: W32.Trojan.Dropper
Avira: TR/Injector.zuoid
Antiy-AVL: Trojan/Generic.ASMalwS.352230C
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/DelfInject.SRA!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.Agent.R470608
VBA32: Malware-Cryptor.Limpopo
ALYac: Trojan.GenericKD.48260246
MAX: malware (ai score=85)
Cylance: Unsafe
Rising: Trojan.Injector!8.C4 (TFE:4:7BixRx3eLJB)
Yandex: Trojan.Igent.bXqeeE.1
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Injector.EQPQ!tr
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan:Win32/DelfInject.SRA!MTB?

Trojan:Win32/DelfInject.SRA!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
