Should I remove “Trojan.Win32.Inject.amqii”?

The Trojan.Win32.Inject.amqii is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Trojan.Win32.Inject.amqii virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Created a process from a suspicious location
  • Checks the CPU name from registry, possibly for anti-virtualization

How to identify Trojan.Win32.Inject.amqii?


File Info:

name: 1A24CF327ED5F1AAE9D9.mlw
path: /opt/CAPEv2/storage/binaries/4f3581d43f58510206fee7639157ceb87b7679d01a11a3d24e8b5bfa6d5280e3
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2012-07-26 13:09:48

Version Info:

Comments: This installation was built with Inno Setup.
CompanyName: FreeTP.Org - Lego Worlds Multiplayer Fix
FileDescription: Lego Worlds
FileVersion:
LegalCopyright:
ProductName: Lego Worlds
ProductVersion: 2.0.7.7
Translation: 0x0000 0x04b0

Trojan.Win32.Inject.amqii also known as:

Bkav: W32.AIDetect.malware2
Lionic: Trojan.Win32.Inject.4!c
MicroWorld-eScan: Trojan.GenericKD.37391098
FireEye: Trojan.GenericKD.37391098
ALYac: Trojan.GenericKD.37391098
Cylance: Unsafe
Cyren: W32/Trojan.HAOB-0873
TrendMicro-HouseCall: TROJ_GEN.R002H07D422
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Inject.amqii
BitDefender: Trojan.GenericKD.37391098
Ad-Aware: Trojan.GenericKD.37391098
Emsisoft: Trojan.GenericKD.37391098 (B)
McAfee-GW-Edition: BehavesLike.Win32.BadFile.tc
Sophos: Generic PUA AD (PUA)
GData: Trojan.GenericKD.37391098
Webroot: W32.Trojan.GenKD
Avira: TR/Injector.vzqmg
Arcabit: Trojan.Generic.D23A8AFA
Microsoft: PUA:Win32/Presenoker
Cynet: Malicious (score: 99)
AhnLab-V3: Trojan/Win32.Occamy.R347259
McAfee: Artemis!1A24CF327ED5
MAX: malware (ai score=100)
VBA32: Trojan.Inject
Malwarebytes: Malware.AI.4207884358
MaxSecure: Trojan.Malware.103131092.susgen
Cybereason: malicious.27ed5f

How to remove Trojan.Win32.Inject.amqii?

Trojan.Win32.Inject.amqii removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.