Win32/Injector.ENRR information

Many security experts consider Win32/Injector.ENRR dangerous. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.ENRR virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Executable code extraction
  • Creates RWX memory
  • Expresses interest in specific running processes
  • Repeatedly searches for a not-found process, may want to run with startbrowser=1 option
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Network activity detected but not expressed in API logs
  • Anomalous binary characteristics

How to identify Win32/Injector.ENRR?


File Info:

crc32: EA6D4354
md5: 59253ab345b64ce24d49ea718e372101
name: upload_file
sha1: acee6909835878108ba439a3dac6f8a05a32fe9d
sha256: 36d9e1dd85890fa27253ebdfcad75e36e75dafbb0f5ef59b0bb26de04308c80a
sha512: 6ba88c2fde3eb7ecb5489458f0e95b564fc6698ac2e02369c0bacfc6a7e9927a11ce50f909ae67ea45c37d9fd241a1b599ed905b3e93c2a86491ff1ba106d42b
ssdeep: 24576:JbhWK5t/UHu5bf2qVhjo0FHkf7ZJZmgn8f:D9GcFrMYEDDQgna
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Co9789p.
InternalName:
FileVersion: 0
CompanyName: Bmmuoiue C.
LegalTrademarks:
Comments:
ProductName:
ProductVersion: 6134s0
FileDescription:
OriginalFilename:
Translation: 0x0409 0x04e4

Win32/Injector.ENRR also known as:

Bkav: W32.AIDetectVM.malware2
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.GenericKD.34877844
FireEye: Generic.mg.59253ab345b64ce2
CAT-QuickHeal: Trojan.DriveHide.VN8
McAfee: Fareit-FZN!59253AB345B6
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Kryptik.4!c
Sangfor: Malware
K7AntiVirus: Trojan ( 00571a921 )
BitDefender: Trojan.GenericKD.34877844
K7GW: Trojan ( 00571a921 )
Cybereason: malicious.983587
Cyren: W32/Injector.TXFG-5820
Symantec: Infostealer.Lokibot!43
APEX: Malicious
Avast: Win32:Trojan-gen
Kaspersky: HEUR:Trojan.Win32.Kryptik.gen
Alibaba: Trojan:Win32/DelfInject.ali2000015
ViRobot: Trojan.Win32.Z.Kryptik.1060864.J
Rising: Trojan.Injector!1.CDB7 (CLASSIC)
Ad-Aware: Trojan.GenericKD.34877844
Sophos: Mal/Generic-S
DrWeb: BackDoor.SpyBotNET.25
Invincea: Mal/Generic-S
McAfee-GW-Edition: Fareit-FZN!59253AB345B6
Emsisoft: Trojan.GenericKD.34877844 (B)
SentinelOne: DFI – Suspicious PE
Avira: TR/Kryptik.ykfmj
MAX: malware (ai score=86)
Microsoft: Trojan:Win32/LokibotCrypt.RK!MTB
Arcabit: Trojan.Generic.D2143194
ZoneAlarm: HEUR:Trojan.Win32.Kryptik.gen
GData: Trojan.GenericKD.34877844
Cynet: Malicious (score: 100)
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZelphiF.34590.aH0@aGJWrSki
ALYac: Trojan.GenericKD.34877844
VBA32: BScope.Trojan.Kryptik
Panda: Trj/CI.A
ESET-NOD32: a variant of Win32/Injector.ENRR
Tencent: Win32.Trojan.Kryptik.Suxp
Yandex: Trojan.AvsArher.bTXNA7
Ikarus: Win32.SuspectCrc
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/GenKryptik.EUVX!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_90% (W)
Qihoo-360: Win32/Trojan.469

How to remove Win32/Injector.ENRR?

Win32/Injector.ENRR removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
