MSIL/Injector.DHB removal guide

The MSIL/Injector.DHB is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What MSIL/Injector.DHB virus can do?

CAPE extracted potentially suspicious content
Authenticode signature is invalid
Anomalous .NET characteristics

How to determine MSIL/Injector.DHB?


File Info:
name: FC809E798A20624C07D3.mlw
path: /opt/CAPEv2/storage/binaries/2748db16aa12b9c07046974c1301aa6408f60f84f8138b1e8e1b639db3412913
crc32: A32021A2
md5: fc809e798a20624c07d3ac6a7cf025f4
sha1: e1b2ae65e007cf19e5d7505fc29621d67e101992
sha256: 2748db16aa12b9c07046974c1301aa6408f60f84f8138b1e8e1b639db3412913
sha512: 018e4fd97a7cbbf59638ec333b3c0239f0b5250786edf02f200032032df54cd0335a177de8ca2494aa2baec965da0d5650b59b7265c640b46bc0c659c70721c1
ssdeep: 768:x3ceivoYn7ChKNhuHgoXhM8a5LBi1O3rytUiF1XfAZAf:NF4t8a594+rKUE
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T130535F11ABEA0218F1BA57B9D6B715648673BD125839D34E08CCE09D3FF3A849851FB3
sha3_384: 9fb3534087407607899092ba847741d5d475cb3c6e301787f2f8092105f9c45fe9d8507b2b06fbc6ee44c527df773284
ep_bytes: ff250020400000000000000000000000
timestamp: 2020-05-30 18:16:05

Version Info:
Translation: 0x0000 0x04b0
FileDescription:  
FileVersion: 0.0.0.0
InternalName: WindowsApplication.exe
LegalCopyright:  
OriginalFilename: WindowsApplication.exe
ProductVersion: 0.0.0.0
Assembly Version: 0.0.0.0

MSIL/Injector.DHB also known as:

Lionic	Trojan.Win32.Generic.4!c
Cynet	Malicious (score: 100)
Cylance	unsafe
Sangfor	Trojan.Win32.Injector.Aeb9
K7AntiVirus	Trojan ( 004b9e311 )
Alibaba	Trojan:MSIL/Injector.df996b4a
K7GW	Trojan ( 004b9e311 )
BitDefenderTheta	Gen:NN.ZemsilF.36662.dm0@aKNWN@o
Symantec	ML.Attribute.HighConfidence
Elastic	malicious (high confidence)
ESET-NOD32	a variant of MSIL/Injector.DHB
APEX	Malicious
ClamAV	Win.Packed.Lynx-6899009-0
Kaspersky	HEUR:Trojan.Win32.Generic
Avast	Win32:Trojan-gen
Tencent	Win32.Trojan.Generic.Jtgl
Sophos	Mal/Generic-S
McAfee-GW-Edition	Artemis!Trojan
Ikarus	Trojan.MSIL.Injector
Antiy-AVL	Trojan/MSIL.Injector
Xcitium	Malware@#1vr98th6evca7
ZoneAlarm	HEUR:Trojan.Win32.Generic
Microsoft	Trojan:Win32/Wacatac.B!ml
Google	Detected
McAfee	Artemis!FC809E798A20
Malwarebytes	Generic.Malware/Suspicious
Panda	Trj/GdSda.A
Rising	Trojan.Generic!8.C3 (CLOUD)
SentinelOne	Static AI – Malicious PE
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	MSIL/DHB!tr
AVG	Win32:Trojan-gen
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)

How to remove MSIL/Injector.DHB?

MSIL/Injector.DHB removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X