VirTool:Win32/DelfInject!AA removal instruction

The VirTool:Win32/DelfInject!AA is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What VirTool:Win32/DelfInject!AA virus can do?

The binary contains an unknown PE section name indicative of packing
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid

How to determine VirTool:Win32/DelfInject!AA?


File Info:
name: 44FB73CB714454D62100.mlw
path: /opt/CAPEv2/storage/binaries/3ea5ff5438a99cc2579ba003662ce10edc96d259c73f0f842b7026dad6ea0f51
crc32: B6113B8C
md5: 44fb73cb714454d62100016fb6a1b596
sha1: 93b687760ea851476862d41ac9a10712432666a0
sha256: 3ea5ff5438a99cc2579ba003662ce10edc96d259c73f0f842b7026dad6ea0f51
sha512: 0fde88cc1ddc681fc17152135afd95b6632b2ae8ae6ebc6d1fe7bf2eb9bc4b5378619cd15f2cc113aa85f8d672ba3e09542000ee132d7a4b6be62a8255c11b86
ssdeep: 384:i6nu+UN9fVS59MxOnI5IjlqSqVNGzN3ba8a81cI2:iSbgfVS59c58LqVUz8d8d
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T145727D21EA314E70DC038BFE5C8625F4962AB425273A34711EB6674BFD1C1B9D82CB5E
sha3_384: e92aa033d039f6560024074c6db98a5909b1440ef6b7b3ba027222a9ffadca7e9bad9f71a80c336c1647cc35d9bf80ff
ep_bytes: 558bec83c4f0b8a8250070e890f3ffff
timestamp: 1992-06-19 22:22:17

Version Info:
0: [No Data]

VirTool:Win32/DelfInject!AA also known as:

Bkav	W32.AIDetectMalware
Elastic	malicious (high confidence)
MicroWorld-eScan	Trojan.Inject.GE
FireEye	Generic.mg.44fb73cb714454d6
Skyhigh	BehavesLike.Win32.ObfuscatedPoly.lh
ALYac	Trojan.Inject.GE
Zillya	Backdoor.CPEX.Win32.25500
Sangfor	Suspicious.Win32.Save.a
K7AntiVirus	Trojan ( 0003fe6c1 )
Alibaba	VirTool:Win32/CPEX-based.c614ce25
K7GW	Trojan ( 0003fe6c1 )
Cybereason	malicious.b71445
BitDefenderTheta	AI:Packer.DB97C53C1E
VirIT	Trojan.Win32.Generic.AEO
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Injector.D
APEX	Malicious
TrendMicro-HouseCall	TROJ_CPEX.R
ClamAV	Win.Dropper.Ldpinch-9831322-0
Kaspersky	Packed.Win32.CPEX-based.m
BitDefender	Trojan.Inject.GE
NANO-Antivirus	Trojan.Win32.CPEXbased.bwydzo
Avast	Win32:LdPinch-BMC [Trj]
Sophos	Mal/Dropper-T
F-Secure	Dropper.DR/Delphi.Gen
DrWeb	Trojan.Packed.194
VIPRE	Trojan.Inject.GE
TrendMicro	TROJ_CPEX.R
Trapmine	malicious.high.ml.score
Emsisoft	Trojan.Inject.GE (B)
Ikarus	Virus.Win32.Zapchast.DA
Google	Detected
Avira	DR/Delphi.Gen
Varist	W32/Delf.N.gen!Eldorado
Antiy-AVL	Trojan/Win32.Injector
Kingsoft	Win32.Troj.Undef.a
Microsoft	VirTool:Win32/DelfInject.gen!AA
Xcitium	TrojWare.Win32.PSW.LdPinch.~W1@18pm5y
Arcabit	Trojan.Inject.GE
ViRobot	Spyware.CPEXbased.Packed.16896
ZoneAlarm	Packed.Win32.CPEX-based.m
GData	Trojan.Inject.GE
Cynet	Malicious (score: 100)
AhnLab-V3	Trojan/Win32.LdPinch.C59563
MAX	malware (ai score=100)
Cylance	unsafe
Panda	Trj/Genetic.gen
Rising	Trojan.Win32.CPEX-based.m (CLASSIC)
Yandex	Trojan.GenAsa!OX+BUxp1sOQ
SentinelOne	Static AI – Malicious PE
Fortinet	W32/Injector.fam!tr
AVG	Win32:LdPinch-BMC [Trj]
DeepInstinct	MALICIOUS
CrowdStrike	win/malicious_confidence_100% (W)
alibabacloud	Virtool:Win/CPEX-based.m

How to remove VirTool:Win32/DelfInject!AA?

VirTool:Win32/DelfInject!AA removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X