
VirTool:Win32/CeeInject.AJE!bit removal


VirTool:Win32/CeeInject.AJE!bit is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the VirTool:Win32/CeeInject.AJE!bit virus do?

  • Executable code extraction
  • Creates RWX memory
  • Attempts to connect to a dead IP:Port (7 unique times)
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Estonian
  • The binary likely contains encrypted or compressed data.
  • Exhibits possible ransomware file modification behavior
  • Creates a hidden or system file
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Anomalous binary characteristics

Related domains:


How to identify VirTool:Win32/CeeInject.AJE!bit?


File Info:

crc32: 6FE69781
md5: 9c52ae203a51b4bd78b4cf07b6096fc5
name: 9C52AE203A51B4BD78B4CF07B6096FC5.mlw
sha1: 29f3c7b978811cff303e5846f6b590144ac6cf2b
sha256: 6a6bc4b3e2c460141981ba83a3a933e35adddc4814a3ffca8e329a5c63a149b8
sha512: b2747f677fd506f83d9db2928cf9ad5aad6d5511385ce87d4ce704d283332c5c64a54e7ee30e8ba5fc070a9af966912388e4f9936328a9f28a03c38d866a5ad2
ssdeep: 1536:O9mPvfkrmmIT8KVmKZ5qn5n95vzKiITczTocNsPHarT6Y0voyKLSEaAW2ia6Eb5:a5obmKG95WUOPa90voRLVxt0L2/Wq5a
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

FileVersion: 3.7.9

VirTool:Win32/CeeInject.AJE!bit also known as:

Bkav: W32.AIDetect.malware1
Lionic: Trojan.Win32.GandCrypt.H!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.24384
ClamAV: Win.Packed.Zbot-7454525-0
CAT-QuickHeal: Worm.Gamarue.MUE.ZZ4
ALYac: Trojan.GenericKD.31143710
Cylance: Unsafe
Zillya: Trojan.GenericKD.Win32.135880
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/Genasom.ali1000102
K7GW: Trojan ( 00516fdf1 )
K7AntiVirus: Trojan ( 00516fdf1 )
Cyren: W32/Vigorf.C.gen!Eldorado
Symantec: Packed.Generic.525
ESET-NOD32: Win32/Filecoder.GandCrab.D
Zoner: Trojan.Win32.70792
APEX: Malicious
Avast: Win32:Malware-gen
Cynet: Malicious (score: 100)
Kaspersky: Trojan-Ransom.Win32.GandCrypt.dix
BitDefender: Trojan.GenericKD.31143710
NANO-Antivirus: Trojan.Win32.Filecoder.fhkjje
ViRobot: Trojan.Win32.R.Agent.174592.O
MicroWorld-eScan: Trojan.GenericKD.31143710
Tencent: Win32.Trojan.Raas.Auto
Ad-Aware: Trojan.GenericKD.31143710
Sophos: Mal/Generic-R + Troj/PrincEv-B
Comodo: TrojWare.Win32.PSW.Coins.FS@7s47lc
BitDefenderTheta: Gen:NN.ZexaF.34790.ku0@auPf!JkO
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_GANDCRAB.SMALY-3
McAfee-GW-Edition: BehavesLike.Win32.Trojan.ch
FireEye: Generic.mg.9c52ae203a51b4bd
Emsisoft: Trojan.GenericKD.31143710 (B)
SentinelOne: Static AI – Suspicious PE
Jiangmin: Trojan.PSW.Coins.akn
Webroot: W32.Adware.Gen
Avira: TR/GandCrab.etm
eGambit: Unsafe.AI_Score_99%
Microsoft: VirTool:Win32/CeeInject.AJE!bit
SUPERAntiSpyware: Ransom.Cerber/Variant
GData: Win32.Trojan.Agent.4AIT4H
AhnLab-V3: Win-Trojan/Gandcrab04.Exp
Acronis: suspicious
McAfee: Generic.azp
MAX: malware (ai score=100)
VBA32: BScope.Trojan.Chapak
Malwarebytes: Ransom.MalPack
Panda: Trj/WLT.D
TrendMicro-HouseCall: Ransom_GANDCRAB.SMALY-3
Rising: Trojan.Generic@ML.100 (RDML:4unFM5ijEfmHfuA0LcKw0A)
Ikarus: Trojan-Ransom.GandCrab
MaxSecure: Ransomeware.CRAB.gen
Fortinet: W32/Kryptik.GJLH!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.GandCrab.HwoCINsA

How to remove VirTool:Win32/CeeInject.AJE!bit?

VirTool:Win32/CeeInject.AJE!bit removal tool

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
