How to remove “Win32/Injector.CZCC”?

Win32/Injector.CZCC is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.CZCC virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Azeri (Cyrillic)
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Mimics the file times of a Windows system file
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Win32/Injector.CZCC?


File Info:

crc32: 0683EC8E
md5: d5f9142eb6cf9ac3fe15ca8cab636f9b
name: D5F9142EB6CF9AC3FE15CA8CAB636F9B.mlw
sha1: cdfb35d9283c5990a91cd041862c4f18a5752a5c
sha256: ce2b0b2037810060edbf86fc7ac78c5e0d4771b79181e39718498b02195e3642
sha512: a5adc9da9ee711d2d809c2fe7b697a1c15e31d08c057c1bd5bf31333300be3ee39290c39431d351ce9b8b31ed0ffb4f349104c9dc41787a9c92aca57df91147d
ssdeep: 3072:tS2m5NRyhSVVOEXvxRrBiNI+bUfl2m4S84SFAZkT:jm5nx8GxhBHlL4S84S4s
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x082c 0x04b0
InternalName: Grandmaster
FileVersion: 1.00
CompanyName: ~
ProductName: Haynau
ProductVersion: 1.00
OriginalFilename: Grandmaster.exe

Win32/Injector.CZCC is also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0055e3991 )
Lionic: Trojan.Win32.SelfDel.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.4691
Cynet: Malicious (score: 100)
CAT-QuickHeal: Ransom.CerberVMF.S13669654
ALYac: Trojan.Ransom.Cerber.1
Cylance: Unsafe
Zillya: Trojan.Injector.Win32.383630
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (D)
K7GW: Trojan ( 0055e3991 )
Cybereason: malicious.eb6cf9
Cyren: W32/Cerber.I.gen!Eldorado
Symantec: Ransom.Cerber!g6
ESET-NOD32: a variant of Win32/Injector.CZCC
APEX: Malicious
Avast: Win32:Trojan-gen
ClamAV: Win.Ransomware.Cerber-7419509-0
Kaspersky: Trojan.Win32.SelfDel.cbsq
BitDefender: Trojan.Ransom.Cerber.1
NANO-Antivirus: Trojan.Win32.Inject.ecpiag
MicroWorld-eScan: Trojan.Ransom.Cerber.1
Tencent: Malware.Win32.Gencirc.10b1fe85
Ad-Aware: Trojan.Ransom.Cerber.1
Sophos: ML/PE-A + Mal/FareitVB-D
BitDefenderTheta: Gen:NN.ZevbaF.34790.lm1@aGyEhmpG
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TrojanSpy.Win32.FAREIT.SMAL01.hp
McAfee-GW-Edition: PWSZbot-ART
FireEye: Generic.mg.d5f9142eb6cf9ac3
Emsisoft: Trojan.Ransom.Cerber.1 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Selfdel.car
Webroot: W32.Trojan.Gen
Avira: TR/Injector.wbxb
Antiy-AVL: Trojan/Generic.ASMalwS.18DA98B
Kingsoft: Win32.Troj.SelfDel.cb.(kcloud)
Microsoft: Ransom:Win32/Cerber
Arcabit: Trojan.Ransom.Cerber.1
SUPERAntiSpyware: Trojan.Agent/Gen-VB
GData: Trojan.Ransom.Cerber.1
AhnLab-V3: Win-Trojan/VBKrypt.RP.X1764
McAfee: PWSZbot-ART
MAX: malware (ai score=100)
VBA32: Trojan.SelfDel
Malwarebytes: MachineLearning/Anomalous.100%
Panda: Trj/Genetic.gen
TrendMicro-HouseCall: TrojanSpy.Win32.FAREIT.SMAL01.hp
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Injector.DWXX!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml
Qihoo-360: Win32/Trojan.SelfDel.HwMAEpsA

How to remove Win32/Injector.CZCC?

Win32/Injector.CZCC removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.