Categories: Malware

VirTool:Win32/CeeInject.FL removal instructions

VirTool:Win32/CeeInject.FL is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the VirTool:Win32/CeeInject.FL virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • A ping command was executed with the -n argument possibly to delay analysis
  • Uses Windows utilities for basic functionality
  • Behavioural detection: Injection (Process Hollowing)
  • Behavioural detection: Injection (inter-process)
  • Attempts to modify proxy settings
  • Deletes executed files from disk
  • Uses suspicious command line tools or Windows utilities
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify VirTool:Win32/CeeInject.FL?


File Info:

name: 00448B6474A4B5D0DC20.mlw
path: /opt/CAPEv2/storage/binaries/f728bb47359988ee26f055a12a185011cb39e1516f573465783213b93b69db69
crc32: F0028DEE
md5: 00448b6474a4b5d0dc20cd9c2ce15223
sha1: b8e6df6c48b3b6a4a3f8e89ce1e56aaa0e09807b
sha256: f728bb47359988ee26f055a12a185011cb39e1516f573465783213b93b69db69
sha512: 30b2792e6b7ef64764e3e56f22142e8dbffe5de0ef0632f3284c84ff6faa9606cbacdc4150779b60c56cd1aeea752ebd011e28583f4f9faafd081494b4a1df81
ssdeep: 768:Bl6868R8b8P888y8E8BLu9WYN7Qarp37GfmtQTFz+WBMll/u:yzqoShZpiLu9LNQarpLGfi+8yMPu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1A5C25C0BB762E930E9429CB10136E1AFDB741BEA923482C79FD1CF26E972391C930955
sha3_384: 77654234ddbc47d8566cbbf45e229f81774d0e86bebb23aa119b99dfb1b2f4c0c7f472d3fdf6abb7f7cb03399bd060e6
ep_bytes: 68800900006800000909687c534000e8
timestamp: 2021-06-15 09:06:29

Version Info:

CompanyName: opdihteygcbvuiooi
ProductName: azsduirnvyhzpdihpz
Translation: 0x3c01 0x04b0

VirTool:Win32/CeeInject.FL also known as:

Bkav W32.AIDetectNet.01
Elastic malicious (high confidence)
MicroWorld-eScan Trojan.GenericKDZ.22647
FireEye Generic.mg.00448b6474a4b5d0
ALYac Trojan.GenericKDZ.22647
Malwarebytes Trojan.Crypt.NKN
Zillya Trojan.Inject.Win32.59981
Sangfor Trojan.Win32.Injector.AINJ
K7AntiVirus Trojan ( 00486d7f1 )
Alibaba VirTool:Win32/CeeInject.71ca7f21
K7GW Trojan ( 00486d7f1 )
CrowdStrike win/malicious_confidence_100% (D)
VirIT Trojan.Win32.Generic.AGDR
Symantec Packed.Generic.436
ESET-NOD32 a variant of Win32/Injector.AINJ
APEX Malicious
Paloalto generic.ml
Cynet Malicious (score: 99)
Kaspersky Trojan.Win32.Inject.fufg
BitDefender Trojan.GenericKDZ.22647
NANO-Antivirus Trojan.Win32.Inject.bxptjg
SUPERAntiSpyware Trojan.Agent/Gen-Falcomp
Avast Win32:Injector-BMG [Trj]
Tencent Malware.Win32.Gencirc.1152ef2d
Sophos Troj/Agent-ADBJ
F-Secure Trojan.TR/Downloader.Gen8
DrWeb Trojan.DownLoader13.9400
VIPRE Trojan.GenericKDZ.22647
TrendMicro TROJ_SPNR.15GB13
McAfee-GW-Edition PWS-Zbot-FAQD!00448B6474A4
Trapmine suspicious.low.ml.score
Emsisoft Trojan.GenericKDZ.22647 (B)
SentinelOne Static AI – Suspicious PE
GData Trojan.GenericKDZ.22647
Jiangmin Trojan/Generic.axoyw
Webroot Trojan.Dropper.Gen
Avira TR/Downloader.Gen8
MAX malware (ai score=100)
Antiy-AVL Trojan/Win32.Inject
Xcitium TrojWare.Win32.Injector.AKLC@51z9hh
Arcabit Trojan.Generic.D5877
Microsoft VirTool:Win32/CeeInject.FL
Google Detected
AhnLab-V3 Trojan/Win32.Zbot.R72969
McAfee PWS-Zbot-FAQD!00448B6474A4
VBA32 Hoax.Blocker
Cylance unsafe
TrendMicro-HouseCall TROJ_SPNR.15GB13
Rising Worm.Dorkbot!8.1B4 (TFE:5:pH406ATKkxD)
Yandex Trojan.Inject!L698rf7CeBw
Ikarus Trojan-Downloader.Win32.Karagany
Fortinet W32/Zbot.AGWV!tr
BitDefenderTheta Gen:NN.ZexaF.36308.bq2@aS5k!VmG
AVG Win32:Injector-BMG [Trj]
Cybereason malicious.474a4b
Panda Trj/Dtcontx.F

How to remove VirTool:Win32/CeeInject.FL?

  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.
Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
