Win32/Injector.MSJ information

Win32/Injector.MSJ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.MSJ virus do?

  • At least one process apparently crashed during execution
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Unconventional language used in binary resources: Spanish (Modern)
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Win32/Injector.MSJ?

File Info:

name: D219EC14C9C54C57BAD7.mlw
path: /opt/CAPEv2/storage/binaries/96edef8077c2fe2f60aa967ad23b3899a6252ebf6fdd55ae1d4290fb7d328954
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2011-08-14 15:50:09

Version Info:

Translation: 0x0c0a 0x04b0
CompanyName: W7 Activator v2
FileDescription: Activador de recursos Windowns 7 todas as versões
LegalCopyright: W7 Aplications v1
ProductName: W7 Aplications
FileVersion: 1.02.0001
ProductVersion: 1.02.0001
InternalName: Activator
OriginalFilename: Activator.exe

Win32/Injector.MSJ also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Generic.lpeb
Elastic: malicious (high confidence)
DrWeb: Trojan.PWS.Siggen.31370
Cynet: Malicious (score: 100)
FireEye: Generic.mg.d219ec14c9c54c57
ALYac: Gen:Variant.Razy.733978
Cylance: Unsafe
Zillya: Trojan.Xorist.Win32.143
Sangfor: Suspicious.Win32.Save.a
Alibaba: Ransom:Win32/Xorist.435c63e1
Cybereason: malicious.4c9c54
BitDefenderTheta: Gen:NN.ZexaF.34212.ky1@aCn80BI
Cyren: W32/GenTroj.O.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: Win32/Injector.MSJ
TrendMicro-HouseCall: TROJ_AGENT_006655.TOMB
ClamAV: Win.Packed.Rebnip-9836925-0
Kaspersky: Trojan-Ransom.Win32.Xorist.cx
BitDefender: Gen:Variant.Razy.733978
NANO-Antivirus: Trojan.Win32.Xorist.ithixn
SUPERAntiSpyware: Trojan.Agent/Gen-MalPE
MicroWorld-eScan: Gen:Variant.Razy.733978
Avast: Win32:GenMalicious-YL [Trj]
Tencent: Malware.Win32.Gencirc.114d4cb3
Ad-Aware: Gen:Variant.Razy.733978
Emsisoft: Gen:Variant.Razy.733978 (B)
Comodo: Malware@#yui6uuo30lpf
VIPRE: Trojan.Win32.Generic.pak!cobra
TrendMicro: TROJ_AGENT_006655.TOMB
McAfee-GW-Edition: BehavesLike.Win32.Infected.cm
Sophos: Mal/Generic-S
Ikarus: Trojan-Ransom.Xorist
GData: Gen:Variant.Razy.733978
Jiangmin: Trojan/Xorist.cm
Webroot: W32.Trojan.Gen
Avira: TR/Crypt.PEPM.Gen
Arcabit: Trojan.Razy.DB331A
ViRobot: Trojan.Win32.A.Xorist.167870
ZoneAlarm: Trojan-Ransom.Win32.Xorist.cx
Microsoft: Trojan:Win32/Occamy.C
SentinelOne: Static AI – Malicious PE
AhnLab-V3: Trojan/Win32.Bifrose.R42577
Acronis: suspicious
McAfee: Generic Malware.go!ats
VBA32: Hoax.Xorist
Malwarebytes: Malware.AI.4184621257
APEX: Malicious
Rising: Ransom.Xorist!8.4A0 (CLOUD)
Yandex: Trojan.Xorist!bD+CxNPlmNU
MAX: malware (ai score=100)
MaxSecure: Trojan.Malware.3191321.susgen
Fortinet: W32/VBKrypt.HNIK!tr
AVG: Win32:GenMalicious-YL [Trj]
Panda: Generic Malware
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Win32/Injector.MSJ?

Win32/Injector.MSJ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
