Win32/Injector.DZUD malicious file

Win32/Injector.DZUD is considered dangerous by many security experts. While this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a full scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.DZUD virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics

How to identify Win32/Injector.DZUD?

File Info:

crc32: 1FEFB0E3
md5: 7d7c6ed5cf0060c4983ee805db66f83f
name: 7D7C6ED5CF0060C4983EE805DB66F83F.mlw
sha1: 8af4f78ec4f1b76dd649a4ef073f733154b7d721
sha256: c7c4e0fd25fd71264f5dd9224b5a8b32788748954301fd096189aa1e63478b67
sha512: 899777a66707fd55e734e240597c5f93ddd8fb07ffeb15abb46f70780268d7c500c5257229b418f819a70b4e370e8ab4d2fe6ecb1b734c6f4630e186719b5382
ssdeep: 6144:mVu7iogy5N1IAgkLKjKUjBxAm4gEfpCE8ObCSL8sXQ7K1stlD:aumogy5N+AgkeHxA7gAdb9DQO1stlD
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0409 0x04b0
LegalCopyright: © 1997-2018 now break a file into unlimited fragments
InternalName: Feedback
FileVersion: 1.00
CompanyName: break a file into unlimited fragments
LegalTrademarks: into unlimited fragments
Comments: break a file into unlimited fragments
ProductName: fragments
ProductVersion: 1.00
FileDescription: break a file into unlimited fragments
OriginalFilename: Feedback.exe

Win32/Injector.DZUD also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 0053858b1 )
Lionic: Trojan.Win32.Blocker.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader26.58429
Cynet: Malicious (score: 100)
ALYac: Trojan.GenericKD.40600146
Cylance: Unsafe
Zillya: Trojan.GenericKD.Win32.126030
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (D)
Alibaba: Ransom:Win32/Blocker.058b900d
K7GW: Trojan ( 0053858b1 )
Cybereason: malicious.5cf006
Symantec: Packed.Generic.558
ESET-NOD32: a variant of Win32/Injector.DZUD
APEX: Malicious
Avast: Win32:Malware-gen
ClamAV: Win.Malware.TrickBot-9394773-1
Kaspersky: Trojan-Ransom.Win32.Blocker.lcme
BitDefender: Trojan.GenericKD.40600146
NANO-Antivirus: Trojan.Win32.Blocker.ffnzql
MicroWorld-eScan: Trojan.GenericKD.40600146
Tencent: Malware.Win32.Gencirc.10cb6389
Ad-Aware: Trojan.GenericKD.40600146
Sophos: Mal/Generic-S
Comodo: Malware@#w1jw03j0fggi
BitDefenderTheta: Gen:NN.ZevbaF.34058.wm1@aulaYLfO
VIPRE: Trojan.Win32.Generic!BT
McAfee-GW-Edition: GenericRXGH-FC!7D7C6ED5CF00
FireEye: Generic.mg.7d7c6ed5cf0060c4
Emsisoft: Trojan.GenericKD.40600146 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.Blocker.jaf
Webroot: W32.Adware.Gen
Antiy-AVL: Trojan/Generic.ASMalwS.2707A14
Microsoft: Trojan:Win32/Occamy.CC7
SUPERAntiSpyware: Ransom.Blocker/Variant
GData: Trojan.GenericKD.40600146
TACHYON: Ransom/W32.VB-Blocker.372804
AhnLab-V3: Trojan/Win32.Agent.R238692
McAfee: GenericRXGH-FC!7D7C6ED5CF00
MAX: malware (ai score=100)
VBA32: TScope.Trojan.VB
Malwarebytes: Malware.AI.2267302506
Panda: Trj/Genetic.gen
Yandex: Trojan.GenAsa!Z6XUgKVrP6E
Ikarus: Trojan.Win32.Krypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Generic.AC.4170B4
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Blocker.HgIASOoA

How to remove Win32/Injector.DZUD?

Win32/Injector.DZUD removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.