Win32/Injector.BJZV information

The Win32/Injector.BJZV is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.BJZV virus do?

  • Sample contains Overlay data
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Anomalous binary characteristics
  • Attempts to modify Explorer settings to prevent hidden files from being displayed

How to identify Win32/Injector.BJZV?

File Info:

name: CF14D555F69F13800A44.mlw
path: /opt/CAPEv2/storage/binaries/0856339ac2cc6f060e8b4c7d889b2939d7f5b9c2a076a0cf6eda3596cd02ffc6
crc32: 41644C0D
md5: cf14d555f69f13800a44a63e1a090122
sha1: 0bab37f96ba4354e15b2e1553a1b4354e3f71045
sha256: 0856339ac2cc6f060e8b4c7d889b2939d7f5b9c2a076a0cf6eda3596cd02ffc6
sha512: 8972fb007f73518a420a8003edc62b23cd8246b855200e35918aacb1b24b9453ce782bde28d8fffc9eaabacb67ba371e4ac9dcd0b788e1fb4a7012292cf92d15
ssdeep: 6144:LJGuymvOiZ+PP4e/xaHXm2aGWHVV/LUBUA1r5OCW9:9jvZ+nFZaH2cK/PATOJ9
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F4741212B9D1C473F87342348877CA988A3FBC161B72355F67986ADE5D623808A37367
sha3_384: 0d7ca61810f3904074e77e9b113516888935afcb98ebd571be6319f7ffcb0498a5f7074b11fe79ae51ce4e3b775f6854
ep_bytes: e8f61b0000e91efeffffcccccccccccc
timestamp: 2014-08-15 15:27:38

Version Info:

Comments: April pan production
CompanyName: Adjective gift stronger powder
FileDescription: Lack swing Eddy tax fifth July tape curve
FileVersion: 7.61.48.0
InternalName: Pen.exe
LegalCopyright: Copyright (C) Johnson influence excellent pen curious thee
LegalTrademarks: Piano task becoming
OriginalFilename: Pen.exe
ProductName: Mighty
ProductVersion: 7.61.48.0
Translation: 0x081a 0x081a

Win32/Injector.BJZV also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Generic.lZ7w
tehtris: Generic.Malware
MicroWorld-eScan: Gen:Heur.Mint.Dreidel.vq1@yCulV3lO
ALYac: Gen:Heur.Mint.Dreidel.vq1@yCulV3lO
Malwarebytes: Backdoor.Bot
Zillya: Trojan.Agent.Win32.482758
Sangfor: Virus.Win32.Save.a
K7AntiVirus: Trojan ( 004e8c841 )
K7GW: Trojan ( 004e8c841 )
Cybereason: malicious.5f69f1
Cyren: W32/S-7079933f!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.BJZV
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Heur.Mint.Dreidel.vq1@yCulV3lO
NANO-Antivirus: Trojan.Win32.Betabot.ddvrex
SUPERAntiSpyware: Trojan.Agent/Gen-FalDesc
Avast: Win32:Androp [Drp]
Ad-Aware: Gen:Heur.Mint.Dreidel.vq1@yCulV3lO
Emsisoft: Gen:Heur.Mint.Dreidel.vq1@yCulV3lO (B)
Comodo: TrojWare.Win32.Ropest.AL@5t8o87
F-Secure: Heuristic.HEUR/AGEN.1241554
DrWeb: Win32.HLLW.Autoruner2.1926
VIPRE: Gen:Heur.Mint.Dreidel.vq1@yCulV3lO
TrendMicro: TROJ_ROPEST.SMV2
McAfee-GW-Edition: Packed-LZ.d!CF14D555F69F
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.cf14d555f69f1380
Sophos: ML/PE-A + Mal/Wonton-K
SentinelOne: Static AI – Malicious PE
GData: Gen:Heur.Mint.Dreidel.vq1@yCulV3lO
Avira: HEUR/AGEN.1241554
MAX: malware (ai score=83)
Antiy-AVL: Trojan/Win32.TSGeneric
Arcabit: Trojan.Mint.Dreidel.EC163F
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: Trojan:Win32/Wacatac.B!ml
Google: Detected
AhnLab-V3: Dropper/Win32.Necurs.R116203
McAfee: Packed-LZ.d!CF14D555F69F
VBA32: Malware-Cryptor.Limpopo
Cylance: Unsafe
TrendMicro-HouseCall: TROJ_ROPEST.SMV2
Rising: Malware.Undefined!8.C (TFE:5:9Q6gRHcSIpT)
Yandex: Trojan.Yakes!LF9EmqhaR2I
Ikarus: Trojan.Crypt.Agent
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Injector.GDA!tr
BitDefenderTheta: Gen:NN.ZexaF.34682.vq1@aCulV3lO
AVG: Win32:Androp [Drp]
Panda: Trj/Genetic.gen
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/Injector.BJZV?

Win32/Injector.BJZV removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.