
What is “Win32/Injector.CNT”?


Win32/Injector.CNT is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Win32/Injector.CNT virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Expresses interest in specific running processes
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to repeatedly call a single API many times in order to delay analysis time
  • Installs itself for autorun at Windows startup
  • Creates a copy of itself
  • Anomalous binary characteristics

Related domains:

tntooo.no-ip.biz

How to identify Win32/Injector.CNT?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (c) Angus Johnson 1999-2009
InternalName: ResHack
FileVersion: 3.5.2.84
CompanyName:
LegalTrademarks:
Comments: Freeware, but see help file for conditions.
ProductName:
ProductVersion: 3.0.0.0
FileDescription: Resource viewer, decompiler & recompiler.
OriginalFilename: ResHack
Aditional Notes: Not for distribution without the authors permission
Translation: 0x0c09 0x04e4

Win32/Injector.CNT is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0055e3991 )
Elastic: malicious (high confidence)
DrWeb: BackDoor.Bifrost.24343
MicroWorld-eScan: Trojan.Ransom.Cerber.1
ALYac: Trojan.Ransom.Cerber.1
Cylance: Unsafe
Zillya: Trojan.Bifrose.Win32.19308
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
Alibaba: Worm:Win32/Bifrose.7f32675d
K7GW: Trojan ( 0055e3991 )
Cybereason: malicious.b72915
Cyren: W32/VBTrojan.Dropper.4!Maximus
Symantec: Trojan.Gen.NPE.2
ESET-NOD32: a variant of Win32/Injector.CNT
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: Worm.Win32.WBNA.ipa
BitDefender: Trojan.Ransom.Cerber.1
NANO-Antivirus: Trojan.Win32.WBNA.eceoju
Tencent: Malware.Win32.Gencirc.114bec8c
Ad-Aware: Trojan.Ransom.Cerber.1
Sophos: ML/PE-A + Mal/Meredrop-A
Comodo: Malware@#1u8xb3331jaav
BitDefenderTheta: Gen:NN.ZevbaF.34126.gm1@aeic0Tii
VIPRE: Virtool.Win32.Vbinject.1 (v)
TrendMicro: TROJ_VBINJ.SMII
McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
FireEye: Generic.mg.a4d3ffeb72915676
Emsisoft: Trojan.Ransom.Cerber.1 (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Dropper.Gen
eGambit: Generic.Malware
Antiy-AVL: Trojan/Generic.ASBOL.5
Microsoft: Backdoor:Win32/Bifrose
Arcabit: Trojan.Ransom.Cerber.1
ZoneAlarm: Worm.Win32.WBNA.ipa
GData: Trojan.Ransom.Cerber.1
AhnLab-V3: Trojan/Win32.Refroso.C182739
McAfee: GenericR-HKN!A4D3FFEB7291
MAX: malware (ai score=100)
VBA32: Malware-Cryptor.VB.gen.1
Panda: Generic Malware
TrendMicro-HouseCall: TROJ_VBINJ.SMII
Yandex: Trojan.GenAsa!gdCBmoSS4RQ
Ikarus: Virus.Win32.Vbinder
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/VBNA.B!worm
AVG: Win32:Malware-gen
Paloalto: generic.ml

How to remove Win32/Injector.CNT?

Win32/Injector.CNT removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Apply “Move to quarantine” to all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
