VirTool:Win32/DelfInject!CF information

VirTool:Win32/DelfInject!CF is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the VirTool:Win32/DelfInject!CF virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Reads data out of its own binary image
  • Unconventional language used in binary resources: Russian
  • The binary contains an unknown PE section name indicative of packing
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify VirTool:Win32/DelfInject!CF?


File Info:

name: 0AC6C332121B81B0B93B.mlw
path: /opt/CAPEv2/storage/binaries/a790aa213a6391818156792d60f77051567e13e4db3492db63779a2b3960d57a
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 1992-06-19 22:22:17

Version Info:

Translation: 0x0409 0x04b0
ProductName: Project1
FileVersion: 1.00
ProductVersion: 1.00
InternalName: xxx
OriginalFilename: xxx.exe

VirTool:Win32/DelfInject!CF also known as:

Lionic: Trojan.Win32.Generic.lqWn
Cynet: Malicious (score: 99)
FireEye: Generic.mg.0ac6c332121b81b0
McAfee: GenericR-KIT!0AC6C332121B
Cylance: Unsafe
Zillya: Trojan.Buterat.Win32.1
Sangfor: Backdoor.Win32.Buterat.coe
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Backdoor:Win32/Buterat.46e9452b
K7GW: Trojan ( 0055e3991 )
K7AntiVirus: Trojan ( 0055e3991 )
Cyren: W32/Agent.LN.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/Injector.JDH
APEX: Malicious
ClamAV: Win.Trojan.Buterat-423
Kaspersky: Backdoor.Win32.Buterat.coe
BitDefender: Backdoor.Generic.687375
NANO-Antivirus: Trojan.Win32.Carberp.ryrnf
MicroWorld-eScan: Backdoor.Generic.687375
Avast: Win32:Crypt-KHZ [Trj]
Tencent: Malware.Win32.Gencirc.114960fa
Emsisoft: Backdoor.Generic.687375 (B)
Comodo: TrojWare.Win32.Injector.ixq@4ay6ds
DrWeb: Trojan.Winlock.3300
VIPRE: Virtool.Win32.Obfuscator.as!b (v)
TrendMicro: TSPY_BUTERAT_BK0834D8.TOMC
McAfee-GW-Edition: BehavesLike.Win32.Generic.wc
Sophos: Mal/SpyEye-Y
Jiangmin: Trojan/Agent.ewds
Avira: BDS/Buterat.coe
Antiy-AVL: Trojan/Generic.ASMalwS.16F16
Gridinsoft: Ransom.Win32.Zbot.sa
Microsoft: VirTool:Win32/DelfInject.gen!CF
ViRobot: Backdoor.Win32.A.Buterat.140426
ZoneAlarm: Backdoor.Win32.Buterat.coe
GData: Backdoor.Generic.687375
AhnLab-V3: Backdoor/Win32.Buterat.R12158
BitDefenderTheta: AI:Packer.BB369F6719
ALYac: Backdoor.Generic.687375
MAX: malware (ai score=89)
VBA32: Backdoor.Buterat
Malwarebytes: Malware.AI.3196125151
TrendMicro-HouseCall: TSPY_BUTERAT_BK0834D8.TOMC
Rising: HackTool.DelfInject!8.B26 (CLOUD)
Yandex: Trojan.Injector!QXE/Ft57ma4
Ikarus: Trojan-PWS.Win32.Zbot
Fortinet: W32/Injector.JDH!tr
AVG: Win32:Crypt-KHZ [Trj]
Cybereason: malicious.2121b8
Panda: Trj/Genetic.gen

How to remove VirTool:Win32/DelfInject!CF?

VirTool:Win32/DelfInject!CF removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.