Trojan.Win32.DLLhijack.ei (file analysis)

The Trojan.Win32.DLLhijack.ei is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Trojan.Win32.DLLhijack.ei virus can do?

A process attempted to delay the analysis task.
Drops a binary and executes it
Unconventionial language used in binary resources: Chinese (Simplified)
Uses Windows utilities for basic functionality
Deletes its original binary from disk
Creates a hidden or system file
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

kumar807.blogspot.com

kumar807.wordpress.com

kumar807.livejournal.com

How to determine Trojan.Win32.DLLhijack.ei?


File Info:
crc32: 32758E6F
md5: 6b8ea12d811acf88f94b734bf5cfbfb3
name: 0eb038e7e5edd6ac1b4eee8dd1c51b6d94da24d02ba705e7e7f10b41edf701c2
sha1: ae93cb98812fa8de21ab8ca21941b01d770272e9
sha256: 0eb038e7e5edd6ac1b4eee8dd1c51b6d94da24d02ba705e7e7f10b41edf701c2
sha512: 43fa6573b31b689edbe06495c40656dd330859ce00e0a9b620c428801dfc1d89c4ac38b5b6fb0b16df94b8bb2e3a92b118d99ab610948cbf5bb4c30f9964dd29
ssdeep: 768:j5QGuIOFwKTMAj3cdXhwlbapQ8OsHBiR+hYHAGQ:VsIOFwKT/BlbapQH05WQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
0: [No Data]

Trojan.Win32.DLLhijack.ei also known as:

DrWeb	Trojan.Wmighost.9
MicroWorld-eScan	Gen:Variant.Symmi.59398
FireEye	Generic.mg.6b8ea12d811acf88
CAT-QuickHeal	Trojan.Dynamer.A4
McAfee	GenericR-FMW!6B8EA12D811A
Cylance	Unsafe
VIPRE	Trojan.Win32.Generic!BT
Sangfor	Malware
K7AntiVirus	Trojan ( 004a0b431 )
BitDefender	Gen:Variant.Symmi.59398
K7GW	Trojan ( 004a0b431 )
Cybereason	malicious.d811ac
TrendMicro	TROJ_SYNDICASEC.A
BitDefenderTheta	Gen:NN.ZexaF.33558.dqW@aiU05dgb
F-Prot	W32/WMIGhost.A.gen!Eldorado
Symantec	Trojan.Syndicasec
APEX	Malicious
Avast	Win32:Malware-gen
ClamAV	Win.Trojan.Syndicasec-6609573-0
GData	Gen:Variant.Symmi.59398
Kaspersky	Trojan.Win32.DLLhijack.ei
Alibaba	Trojan:Win32/Syndicasec.a06f9424
NANO-Antivirus	Trojan.Win32.Dwn.deefhc
AegisLab	Trojan.Win32.DLLhijack.4!c
Rising	Backdoor.Weemurl!8.31ED (TFE:5:ZBx5yTm0IrM)
Ad-Aware	Gen:Variant.Symmi.59398
Sophos	Troj/Thetatic-O
Comodo	Malware@#25r11xozm23yy
F-Secure	Heuristic.HEUR/AGEN.1018775
Zillya	Trojan.Agentb.Win32.5284
Invincea	heuristic
McAfee-GW-Edition	BehavesLike.Win32.Generic.qt
Emsisoft	Gen:Variant.Symmi.59398 (B)
Ikarus	Trojan.Win32.Syndicasec
Cyren	W32/WMIGhost.A.gen!Eldorado
Jiangmin	Trojan.Agentb.qf
Webroot	W32.Gen.BT
Avira	HEUR/AGEN.1018775
Antiy-AVL	Trojan/Win32.SGeneric
Endgame	malicious (high confidence)
Arcabit	Trojan.Symmi.DE806
SUPERAntiSpyware	Trojan.Agent/Gen-Malagent
ZoneAlarm	Trojan.Win32.DLLhijack.ei
Microsoft	Trojan:Win32/Syndicasec
AhnLab-V3	Trojan/Win32.Agentb.R139589
ALYac	Gen:Variant.Symmi.59398
MAX	malware (ai score=100)
VBA32	Trojan.Agentb
Panda	Trj/CI.A
ESET-NOD32	Win32/Syndicasec.F
TrendMicro-HouseCall	TROJ_SYNDICASEC.A
Tencent	Malware.Win32.Gencirc.10b3dff9
Yandex	Trojan.Agentb!+O/38dHvHR4
SentinelOne	DFI – Suspicious PE
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Agentb.BEVF!tr
AVG	Win32:Malware-gen
Paloalto	generic.ml
CrowdStrike	win/malicious_confidence_90% (W)
Qihoo-360	Win32/Trojan.6f3

How to remove Trojan.Win32.DLLhijack.ei?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Trojan.Win32.DLLhijack.ei (file analysis)