How to remove “MSIL:GenMalicious-EJH [Trj]”?

MSIL:GenMalicious-EJH [Trj] is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the MSIL:GenMalicious-EJH [Trj] virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Reads data out of its own binary image
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Network activity detected but not expressed in API logs

How to identify MSIL:GenMalicious-EJH [Trj]?


File Info:

crc32: 429DB20E
md5: 008683a87a3b6d09f054a1597661154f
name: 008683A87A3B6D09F054A1597661154F.mlw
sha1: 1fd59efaf2374cdfc69480920bd5a506ec8862ad
sha256: b0b9e913c0e4dd2bd0ec0a6f03f22020ca0068682911de3ea89d2e364e67beab
sha512: 8633f1b59e57e37beb6ba5d8a8083c96171ee29bf0390088ad23fbd6b99d02ae1dd046ca62d02275db6b1e775026a7284d11fc72b76880a2a82098c7fe2cfbee
ssdeep: 24576:CEhufekMA/syfSvnB8mrYpnt9CgxSZ3h/ELj12n/IAXu+yFdItwG5:Bhufe3A/syfSfB8mrYnt9wZx/icgAe+
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright: Copyright © 2021 Naipsuu Corporation
Assembly Version: 0.7.2771.7465
InternalName: test.exe
FileVersion: 0.7.2771.7465
CompanyName: Naipsuu
LegalTrademarks: Naipsuu Corporation
Comments: Redsaiiui Vuoeessie Shitho Welreeo Jioaaiaio
ProductName: Thiftoa Duoae Fouae
ProductVersion: 0.7.2771.7465
FileDescription: Xuiftoe Theeaaiue
OriginalFilename: test.exe

MSIL:GenMalicious-EJH [Trj] also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Razy.649460
ALYac: Gen:Variant.Razy.649460
Cylance: Unsafe
Sangfor: Suspicious.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 004da39b1 )
K7AntiVirus: Trojan ( 004da39b1 )
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Injector.ERC
APEX: Malicious
Avast: MSIL:GenMalicious-EJH [Trj]
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Backdoor.Win32.Generic
BitDefender: Gen:Variant.Razy.649460
NANO-Antivirus: Trojan.Win32.Resetter.dkkfyp
Tencent: Win32.Backdoor.Generic.Dba
Ad-Aware: Gen:Variant.Razy.649460
Sophos: ML/PE-A + Troj/MSILInj-HI
BitDefenderTheta: Gen:NN.ZemsilF.34170.mn0@ayOrhKlG
McAfee-GW-Edition: Artemis!Trojan
FireEye: Generic.mg.008683a87a3b6d09
Emsisoft: Gen:Variant.Razy.649460 (B)
SentinelOne: Static AI – Malicious PE
Avira: TR/Inject.xbbeicg
eGambit: Unsafe.AI_Score_98%
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
ZoneAlarm: HEUR:Backdoor.Win32.Generic
GData: Gen:Variant.Razy.649460
AhnLab-V3: Win-Trojan/MDA.19171308.X1376
McAfee: Artemis!008683A87A3B
MAX: malware (ai score=84)
VBA32: CIL.StupidPInvoker-2.Heur
TrendMicro-HouseCall: TROJ_GEN.R014C0RJ321
Ikarus: Trojan.MSIL.Injector
Fortinet: MSIL/Injector.ELR!tr
AVG: MSIL:GenMalicious-EJH [Trj]

How to remove MSIL:GenMalicious-EJH [Trj]?

MSIL:GenMalicious-EJH [Trj] removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
