What is "Win32/Injector.DJYH"?

The Win32/Injector.DJYH is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Injector.DJYH virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Enumerates user accounts on the system
Creates RWX memory
A process attempted to delay the analysis task.
Reads data out of its own binary image
Creates an excessive number of UDP connection attempts to external IP addresses
Performs some HTTP requests
Attempts to modify desktop wallpaper
Executed a process and injected code into it, probably while unpacking
Exhibits behavior characteristic of Cerber ransomware
Attempts to execute a binary from a dead or sinkholed URL
Creates a hidden or system file
Attempts to modify proxy settings
Attempts to access Bitcoin/ALTCoin wallets
Collects information to fingerprint the system

Related domains:

api.blockcypher.com

btc.blockr.io

How to determine Win32/Injector.DJYH?


File Info:
crc32: 4B84E893
md5: 85995fb9b752e06c133d7269927977b0
name: 85995FB9B752E06C133D7269927977B0.mlw
sha1: 3dd4287941671d74789b2514ad6b342ed54b5078
sha256: a4704d3fdb7f14cd94dd1d58d56aa03a57672a852dbe13de5c2d207425d62c28
sha512: dcbbbdfd7f78f8e5fe8744c7a4f1a98f453e042fab90fe7b786672207347b18fd897c6c2012e1467f9a1938376bdf16ae3724b6e633e4ba508ddbb727857a2fa
ssdeep: 6144:6xygXyf07QpjdTNzdiTFCw85CbxIJRIgnxDsH4ReSzboEn1EdBLkKztRd:6xhXq0ghTlwT8w8RRIOD0mTzbznGXvLd
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Win32/Injector.DJYH also known as:

Bkav	W32.AIDetect.malware1
K7AntiVirus	Trojan ( 005021da1 )
Elastic	malicious (high confidence)
DrWeb	Trojan.Encoder.4691
Cynet	Malicious (score: 100)
CAT-QuickHeal	Trojan.MauvaiseRI.S5243021
ALYac	Gen:Variant.Symmi.73669
Cylance	Unsafe
Sangfor	Trojan.Win32.Save.a
CrowdStrike	win/malicious_confidence_100% (D)
K7GW	Trojan ( 005021da1 )
Cybereason	malicious.9b752e
Cyren	W32/S-308f2e68!Eldorado
Symantec	Ransom.Cerber!g17
ESET-NOD32	a variant of Win32/Injector.DJYH
APEX	Malicious
Avast	Win32:RansomX-gen [Ransom]
Kaspersky	HEUR:Trojan-Ransom.Win32.Zerber.vho
BitDefender	Gen:Variant.Symmi.73669
NANO-Antivirus	Trojan.Win32.FileCoder.ekrqhq
MicroWorld-eScan	Gen:Variant.Symmi.73669
Tencent	Malware.Win32.Gencirc.10c88031
Ad-Aware	Gen:Variant.Symmi.73669
Sophos	Mal/Generic-R + Mal/Cerber-V
Comodo	Malware@#2sah495oeah57
BitDefenderTheta	Gen:NN.ZexaF.34692.yyZ@aiLuRKde
VIPRE	Trojan.Win32.Generic!BT
TrendMicro	Ransom_HPLOCKY.SM4
McAfee-GW-Edition	BehavesLike.Win32.Trojan.fc
FireEye	Generic.mg.85995fb9b752e06c
Emsisoft	Gen:Variant.Symmi.73669 (B)
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1117667
eGambit	Unsafe.AI_Score_99%
Antiy-AVL	Trojan/Generic.ASMalwS.246C025
Microsoft	Ransom:Win32/Cerber.J
AegisLab	Trojan.Win32.Generic.4!c
GData	Gen:Variant.Symmi.73669
AhnLab-V3	Trojan/Win32.injector.R223610
McAfee	Ransomware-FMEE!85995FB9B752
MAX	malware (ai score=100)
VBA32	Trojan.Encoder
Malwarebytes	Malware.AI.3628355907
Panda	Trj/Genetic.gen
TrendMicro-HouseCall	Ransom_HPLOCKY.SM4
Rising	Trojan.Injector!8.C4 (TFE:5:p2gDLblhAER)
Yandex	Trojan.Agent!yxntGE3lAI8
Ikarus	Trojan-Ransom.Cerber
Fortinet	W32/Injector.DJXZ!tr
AVG	Win32:RansomX-gen [Ransom]
Paloalto	generic.ml

How to remove Win32/Injector.DJYH?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

What is “Win32/Injector.DJYH”?