Trojan:Win32/InjectorCrypt!pz information

Trojan:Win32/InjectorCrypt!pz is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan:Win32/InjectorCrypt!pz virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • The executable is compressed using UPX
  • Authenticode signature is invalid
  • Creates a copy of itself
  • Deletes executed files from disk

How to identify Trojan:Win32/InjectorCrypt!pz?


File Info:

name: 649F2CD651A32F2E1B1B.mlw
path: /opt/CAPEv2/storage/binaries/5fae11941bb6612a554ba0e824e7cda9bd4953cfbd602e65bff8d892e684cbbe
crc32: 562E0247
md5: 649f2cd651a32f2e1b1bcf0b6bfcf38d
sha1: ed4ceb249dbf95a20b9ead165cc7c766997e55dd
sha256: 5fae11941bb6612a554ba0e824e7cda9bd4953cfbd602e65bff8d892e684cbbe
sha512: 4aeef7b400c14fa545b3d3f38a179d9d27b5a76538b2bccef1269bf0850ceb91aa79b7c6c31c97a33a3e88eb53defacbde496fb24204ed89ea9fb6fe41a04e57
ssdeep: 24576:4kv56lrdevGIP7PYWwMFVe3DeP055jWItQFuKt:4kasP7QWRe3Dd5iIyFuK
type: PE32 executable (console) Intel 80386, for MS Windows
tlsh: T1000523EDE6C3F8B1D236653E25349EF5C91222DBB8CC3AE135672189683D1D07CE0666
sha3_384: 22da5eac9b447ac41449d20dbce0238dd55802cd1d966b2c3c8b84e8fb4c890183100dfd640d458b72bb7903d217d660
ep_bytes: b9000000005681c7010000008b042483
timestamp: 1970-01-01 00:00:00

Version Info:

0: [No Data]

Trojan:Win32/InjectorCrypt!pz also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Bingoml.4!c
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Variant.Fragtor.22053
Skyhigh: BehavesLike.Win32.Generic.bc
McAfee: GenericRXAA-AA!649F2CD651A3
Malwarebytes: Crypt.Trojan.Malicious.DDS
Sangfor: Suspicious.Win32.Save.a
K7AntiVirus: Trojan ( 0058c5ff1 )
Alibaba: Malware:Win32/km_280b22.None
K7GW: Trojan ( 005762bf1 )
Cybereason: malicious.49dbf9
Arcabit: Trojan.Fragtor.D5625
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Kryptik.AUY
Cynet: Malicious (score: 100)
APEX: Malicious
ClamAV: Win.Packed.Ulpm-9832730-0
Kaspersky: Trojan.Win32.Copak.eojf
BitDefender: Gen:Variant.Fragtor.22053
NANO-Antivirus: Riskware.Win32.BitCoinMiner.jqpyoy
Avast: Win32:CoinminerX-gen [Trj]
Tencent: Trojan.Win32.Coinminer.yi
Emsisoft: Gen:Variant.Fragtor.22053 (B)
F-Secure: Trojan.TR/Crypt.ULPM.Gen
DrWeb: Trojan.Packed2.43250
VIPRE: Gen:Variant.Fragtor.22053
FireEye: Generic.mg.649f2cd651a32f2e
Sophos: Mal/HckPk-A
SentinelOne: Static AI – Malicious PE
Jiangmin: RiskTool.BitCoinMiner.urz
Varist: W32/CoinMiner.CQ.gen!Eldorado
Avira: TR/Crypt.ULPM.Gen
MAX: malware (ai score=100)
Antiy-AVL: GrayWare/Win32.Kryptik.ffp
Kingsoft: Win32.Trojan.Copak.eojf
Xcitium: Packed.Win32.MUPX.Gen@24tbus
Microsoft: Trojan:Win32/InjectorCrypt!pz
ZoneAlarm: Trojan.Win32.Copak.eojf
GData: Gen:Variant.Fragtor.22053
Google: Detected
AhnLab-V3: Malware/Win32.Generic.R371288
BitDefenderTheta: Gen:NN.ZexaF.36792.XmW@aqZG85b
ALYac: Gen:Variant.Fragtor.22053
VBA32: Trojan.Packed
Cylance: unsafe
Panda: Trj/Genetic.gen
Rising: Trojan.Kryptik!1.D12D (CLASSIC)
Ikarus: Trojan.Win32.Injector
MaxSecure: Trojan.Malware.74654884.susgen
Fortinet: W32/Kryptik.EAHK!tr
AVG: Win32:CoinminerX-gen [Trj]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan:Win32/InjectorCrypt!pz?

Trojan:Win32/InjectorCrypt!pz removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
