Trojan

Trojan:Win32/InjectorCrypt!pz malicious file

Malware Removal

The Trojan:Win32/InjectorCrypt!pz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and clean your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/InjectorCrypt!pz virus do?

  • Behavioural detection: executable code extraction (unpacking)
  • HTTPS URLs observed in behaviour
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • CAPE detected the embedded win api malware family
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Deletes executed files from disk
  • Yara rule detections observed from a process memory dump, dropped files or CAPE

How to identify Trojan:Win32/InjectorCrypt!pz?

File Info:

name: 0F9E8E45215487D1FF40.mlw
path: /opt/CAPEv2/storage/binaries/71f86f7204fc156b2dc9f519f112898487a19e917199f66f10bba616f0acc634
crc32: 1BBAB81C
md5: 0f9e8e45215487d1ff40903a5cbbd445
sha1: 5447ad878e8460da6f412d5e21f69082a6788b88
sha256: 71f86f7204fc156b2dc9f519f112898487a19e917199f66f10bba616f0acc634
sha512: 42581001916b70986abec102e169267028dad048054f9d0f9bfa5100effcc6a7fbc454c314f2e2e145829e922a69b38fb718c6c824cac154db735b2e588117c8
ssdeep: 3072:ZddXsIoTxeKsJFEzE5VhYzKa+2ehUkTU/eLGOQ:3OIoTjBY5PUR+2mU2UmDQ
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T195D3022403E64E5DDA4B8FF88667D8AB22815758008F9D96DF467F33EA852F63D1D80C
sha3_384: 88a24ce7d49304babaf8ff8427b0a8406d76c366677f45a104b2c58a16b6c41124c9904f277d41ae3bf6ef1ddca75eef
ep_bytes: 5589e5b80000000089d721db81e9385f
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Trojan:Win32/InjectorCrypt!pz also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Copak.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Trojan.Heur.imW@!hBy@@e
Skyhigh: BehavesLike.Win32.Generic.cm
McAfee: GenericRXAA-FA!0F9E8E452154
Malwarebytes: Trojan.MalPack.Generic
Zillya: Trojan.CopakGen.Win32.1
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0058c5ff1 )
Alibaba: Trojan:Win32/Injector.5c4d8a09
K7GW: Trojan ( 0058c5ff1 )
Cybereason: malicious.78e846
Symantec: ML.Attribute.HighConfidence
tehtris: Generic.Malware
ESET-NOD32: a variant of Win32/Injector.DZQA
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Copak.pef
BitDefender: Gen:Trojan.Heur.imW@!hBy@@e
NANO-Antivirus: Trojan.Win32.Copak.ivltkd
Avast: Win32:Evo-gen [Trj]
Tencent: Trojan.Win32.Copak.pe
Emsisoft: Gen:Trojan.Heur.imW@!hBy@@e (B)
F-Secure: Trojan.TR/Crypt.XPACK.Gen
DrWeb: Trojan.Packed2.43250
VIPRE: Gen:Trojan.Heur.imW@!hBy@@e
FireEye: Generic.mg.0f9e8e45215487d1
Sophos: Mal/HckPk-A
Ikarus: Trojan.Win32.Injector
GData: Gen:Trojan.Heur.imW@!hBy@@e
Jiangmin: Trojan.Copak.aruk
Google: Detected
Avira: TR/Crypt.XPACK.Gen
Antiy-AVL: Trojan/Win32.Injector
Kingsoft: Win32.Troj.Agent.cks
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Arcabit: Trojan.Heur.EFD32A
ZoneAlarm: HEUR:Trojan.Win32.Copak.pef
Microsoft: Trojan:Win32/InjectorCrypt!pz
Varist: W32/Kryptik.DZR.gen!Eldorado
AhnLab-V3: Malware/Win32.Generic.C2860595
BitDefenderTheta: AI:Packer.335106D81B
ALYac: Gen:Trojan.Heur.imW@!hBy@@e
MAX: malware (ai score=81)
VBA32: BScope.Trojan.Wacatac
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.Injector!8.C4 (TFE:4:4cUoDp60GPH)
SentinelOne: Static AI – Malicious PE
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Kryptik.EAHK!tr
AVG: Win32:Evo-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan:Win32/InjectorCrypt!pz?

Trojan:Win32/InjectorCrypt!pz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
