Trojan.Win32.Injuke.feih malicious file

Trojan.Win32.Injuke.feih is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Trojan.Win32.Injuke.feih virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Dynamic (imported) function loading detected
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Spanish (Ecuador)
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Detects Sandboxie through the presence of a library
  • Detects Avast Antivirus through the presence of a library
  • Checks the presence of disk drives in the registry, possibly for anti-virtualization

How to identify Trojan.Win32.Injuke.feih?

File Info:

name: FC43929D477D1BB54A6A.mlw
path: /opt/CAPEv2/storage/binaries/1596d913f405f6835cf2dae52ed8ee76112b228ae996a32c85f9838e1c16feb9
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: e8a3420000e978feffffcccccccccccc
timestamp: 2021-04-15 08:00:07

Version Info:

InternalName: bomgpiaruci.iwa
Copyright: Copyrighz (C) 2021, fudkat
ProductVersion: 23.54.77.27
Translation: 0x0127 0x046a

Trojan.Win32.Injuke.feih also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.Malicious.4!c
Elastic: malicious (high confidence)
Cynet: Malicious (score: 100)
ALYac: Trojan.GenericKD.38255346
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 0058bb551 )
Alibaba: Trojan:Win32/Injuke.49f3f122
K7GW: Trojan ( 0058bb551 )
Cybereason: malicious.90d7c1
Cyren: W32/Kryptik.FWV.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Kryptik.HNQO
APEX: Malicious
Paloalto: generic.ml
Kaspersky: Trojan.Win32.Injuke.feih
BitDefender: Trojan.GenericKD.38255346
MicroWorld-eScan: Trojan.GenericKD.38255346
Avast: Win32:Trojan-gen
Ad-Aware: Trojan.GenericKD.38255346
Sophos: ML/PE-A + Mal/Agent-AWV
DrWeb: Trojan.PWS.Stealer.31726
TrendMicro: TROJ_GEN.R03FC0DLE21
McAfee-GW-Edition: BehavesLike.Win32.Generic.ch
FireEye: Generic.mg.fc43929d477d1bb5
Emsisoft: Trojan.Crypt (A)
SentinelOne: Static AI – Malicious PE
GData: Win32.Trojan.BSE.13HWNF8
Jiangmin: Trojan.Agent.dsxn
MAX: malware (ai score=87)
Gridinsoft: Ransom.Win32.Sabsik.sa
Arcabit: Trojan.Generic.D247BAF2
Microsoft: Trojan:Win32/Azorult.RMA!MTB
AhnLab-V3: CoinMiner/Win.Glupteba.R457880
Acronis: suspicious
McAfee: Packed-GEE!FC43929D477D
VBA32: Malware-Cryptor.2LA.gen
Malwarebytes: Trojan.MalPack.GS
TrendMicro-HouseCall: TROJ_GEN.R03FC0DLE21
Rising: Trojan.Generic@ML.95 (RDMK:bNyautleqaaw63w29VfqEw)
Yandex: Trojan.Injuke!ReVy90Lbvy8
Ikarus: Trojan-Ransom.StopCrypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: PossibleThreat.PALLAS.H
BitDefenderTheta: Gen:NN.ZexaF.34084.lu0@aajwRGUG
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Trojan.Win32.Injuke.feih?

Trojan.Win32.Injuke.feih removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.