About “Win32/Injector.K” infection

Win32/Injector.K is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.K virus do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • Uses Windows utilities for basic functionality
  • Executed a process and injected code into it, probably while unpacking
  • Deletes its original binary from disk
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

How to identify Win32/Injector.K?


File Info:

crc32: 43A62C61
md5: ca95cc78f4cbff7cec983e29d566d383
name: CA95CC78F4CBFF7CEC983E29D566D383.mlw
sha1: 9d79161f9448e93d349f7883942326fc8e7362b2
sha256: de53a13b7c2bab0cd7e5d2cc636109fa0be80493b2648cf4a851cf8e57a7faf9
sha512: 27feb678dae6d385b311ac933c4b8b19ccea4a190bea88403d63d79d4be38ebe2a0f851a4fcc17215bc28757ec0b77420a2dc6e0c0667d93749745b761312aa6
ssdeep: 384:N5RdCyDMqlWXmQ2dNEawR5p/CcI6aOvm3zSvHp+x8gc6Pc5ZlUbvI:7CyIqlymQCid/CcI6nejSgqZlg
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Injector.K also known as:

K7AntiVirus: Trojan ( 7000000f1 )
Lionic: Trojan.Win32.Zbot.4!c
Elastic: malicious (high confidence)
DrWeb: BackDoor.Siggen.50976
Cynet: Malicious (score: 100)
ALYac: Gen:Trojan.ExplorerHijack.bGY@aGkioJh
Cylance: Unsafe
Zillya: Trojan.Delf.Win32.10216
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_90% (D)
Alibaba: TrojanSpy:Win32/DelfInject.a88b634c
K7GW: Trojan ( 7000000f1 )
Cybereason: malicious.8f4cbf
Cyren: W32/Agent.S.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.K
APEX: Malicious
Avast: Win32:Agent-AQYW [Trj]
ClamAV: Win.Trojan.Delf-2367
Kaspersky: Trojan-Spy.Win32.Zbot.wssd
BitDefender: Gen:Trojan.ExplorerHijack.bGY@aGkioJh
NANO-Antivirus: Trojan.Win32.Delf.iiwlq
ViRobot: Trojan.Win32.A.Delf.20992.R
MicroWorld-eScan: Gen:Trojan.ExplorerHijack.bGY@aGkioJh
Tencent: Win32.Trojan-spy.Zbot.Taor
Ad-Aware: Gen:Trojan.ExplorerHijack.bGY@aGkioJh
Sophos: ML/PE-A
Comodo: TrojWare.Win32.PSW.Delf.O@m1ctm
BitDefenderTheta: AI:Packer.33C255801E
VIPRE: BehavesLike.Win32.Malware.eah (mx-v)
TrendMicro: TROJ_DROPPR.CP
McAfee-GW-Edition: BehavesLike.Win32.BadFile.mm
FireEye: Generic.mg.ca95cc78f4cbff7c
Emsisoft: Gen:Trojan.ExplorerHijack.bGY@aGkioJh (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan/Delf.jio
Webroot: Vir.Tool.Gen
Avira: BDS/Delf.lzq
eGambit: Unsafe.AI_Score_100%
Antiy-AVL: Trojan/Generic.ASMalwS.477A2
Kingsoft: Heur.SSC.57971.1216.(kcloud)
Microsoft: VirTool:Win32/DelfInject.gen!BV
GData: Gen:Trojan.ExplorerHijack.bGY@aGkioJh
AhnLab-V3: Trojan/Win32.Buzus.C64814
Acronis: suspicious
McAfee: Artemis!CA95CC78F4CB
MAX: malware (ai score=83)
VBA32: BScope.Trojan.Wacatac
Malwarebytes: MachineLearning/Anomalous.95%
Panda: Trj/CI.A
TrendMicro-HouseCall: TROJ_DROPPR.CP
Rising: Stealer.OnLineGames!1.66E7 (CLASSIC)
Yandex: Trojan.GenAsa!UmbQYjOfCqQ
Ikarus: Trojan-Downloader.Win32.Delf
Fortinet: W32/Injector.fam!tr
AVG: Win32:Agent-AQYW [Trj]
Paloalto: generic.ml

How to remove Win32/Injector.K?

Win32/Injector.K removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.