Trojan

Trojan-Dropper.Win32.Injector.uenu malicious file

Malware Removal

The Trojan-Dropper.Win32.Injector.uenu is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Trojan-Dropper.Win32.Injector.uenu virus can do?

  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Drops a binary and executes it
  • Unconventionial language used in binary resources: Hebrew
  • Creates an autorun.inf file
  • Executed a process and injected code into it, probably while unpacking
  • Anomalous binary characteristics

How to determine Trojan-Dropper.Win32.Injector.uenu?


File Info:

crc32: 4FDF4D6E
md5: fad09ba93c379953773555ec0faa40c2
name: FAD09BA93C379953773555EC0FAA40C2.mlw
sha1: 5961350d407aa097424d41a8c959ae3adb283939
sha256: 1a111724f198dc8e7e74673a71805c328da8b25dd9f2d141d88c17375e0dc5e8
sha512: e5d63a88f96ce5afb634f3dffcf77b87538aa289d872e7e739d03b16db2562b7b77ddca55171cc33c55b439e9f5ab78c220e09e41cb56e3087a5adae18b35fde
ssdeep: 49152:4uPPpURAjmKathy2XGoFKqsZLrB456D3yYPQS9KFNTKossKTzusGtMpq:NPPpURAGLy2CZLrB4ChQDswMpq
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: (c) Cameyo. All rights reserved.
InternalName: Loader
FileVersion: 2, 0, 877, 0
CompanyName: Cameyo (cameyo.com)
ProductName: Cameyo Application Virtualization
ProductVersion: 2, 0, 877, 0
FileDescription: Loader
OriginalFilename: Loader.exe
Translation: 0x0409 0x04b0

Trojan-Dropper.Win32.Injector.uenu also known as:

K7AntiVirusRiskware ( 0040eff71 )
LionicTrojan.Win32.Generic.4!c
Elasticmalicious (high confidence)
DrWebTrojan.Siggen6.42831
ALYacTrojan.GenericKD.37692060
ZillyaDropper.Injector.Win32.84863
SangforTrojan.Win32.Save.a
AlibabaTrojanDropper:Win32/Injector.94a1f4b8
K7GWRiskware ( 0040eff71 )
Cybereasonmalicious.93c379
SymantecML.Attribute.HighConfidence
APEXMalicious
AvastWin32:Malware-gen
CynetMalicious (score: 100)
KasperskyTrojan-Dropper.Win32.Injector.uenu
BitDefenderTrojan.GenericKD.37692060
MicroWorld-eScanTrojan.GenericKD.37692060
TencentMalware.Win32.Gencirc.10c88131
Ad-AwareTrojan.GenericKD.37692060
SophosGeneric ML PUA (PUA)
McAfee-GW-EditionBehavesLike.Win32.Dropper.wh
FireEyeGeneric.mg.fad09ba93c379953
EmsisoftTrojan.GenericKD.37692060 (B)
SentinelOneStatic AI – Malicious PE
JiangminTrojanDropper.Injector.bmsl
Antiy-AVLTrojan/Generic.ASMalwS.23D3077
MicrosoftTrojan:Win32/Wacatac.A!ml
GDataTrojan.GenericKD.37692060
McAfeeGenericRXAA-FA!FAD09BA93C37
MAXmalware (ai score=95)
VBA32Trojan.Wacatac
YandexTrojan.GenAsa!D/uEG2ckrkY
IkarusTrojan.Dropper.Injector
FortinetW32/Injector.UENU!tr
AVGWin32:Malware-gen
Paloaltogeneric.ml

How to remove Trojan-Dropper.Win32.Injector.uenu?

Trojan-Dropper.Win32.Injector.uenu removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment