Win32/Injector.DMYI information

The Win32/Injector.DMYI is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Injector.DMYI virus can do?

Executable code extraction
Injection (inter-process)
Injection (Process Hollowing)
Creates RWX memory
Executed a process and injected code into it, probably while unpacking
Attempts to repeatedly call a single API many times in order to delay analysis time
Steals private information from local Internet browsers
Spoofs its process name and/or associated pathname to appear as a legitimate process
Harvests credentials from local FTP client softwares
Harvests information related to installed instant messenger clients
Harvests information related to installed mail clients
Collects information to fingerprint the system
Anomalous binary characteristics

Related domains:

z.whorecord.xyz

a.tomx.xyz

How to determine Win32/Injector.DMYI?


File Info:
crc32: C1C98351
md5: 0fb1384e8e34d6c3c9e6c23d35ff5359
name: 0FB1384E8E34D6C3C9E6C23D35FF5359.mlw
sha1: d750faa42b496c1cce5cee0a2879efdc2badc456
sha256: 68f15600e889278aada0762a0fb84c11501bf3913380686aac74e6b3d4443368
sha512: 7582d09b466ac81856eec23b201d9e24e77fc0132b3a978dbaf7fcc52d227cc7a4ac6df65933a9c5a62b82a7885c843ba83325fbe3350f5d50d862b8cf4230d6
ssdeep: 3072:S1JhA4DbgcFRETC3aji8ObxqNsgRCALASOYE8:MPA4DbgcFl3aj6NWRN
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0409 0x04b0
LegalCopyright: Reo QG
InternalName: Maliki
FileVersion: 4.06.0006
CompanyName: Asus
ProductName: CA gware
ProductVersion: 4.06.0006
OriginalFilename: Maliki.exe

Win32/Injector.DMYI also known as:

Bkav	W32.AIDetectVM.malware1
Elastic	malicious (high confidence)
MicroWorld-eScan	Gen:Heur.PonyStealer.wm0@cSzdBlgi
FireEye	Generic.mg.0fb1384e8e34d6c3
ALYac	Gen:Heur.PonyStealer.wm0@cSzdBlgi
Cylance	Unsafe
Sangfor	Malware
K7AntiVirus	Trojan ( 0050971a1 )
BitDefender	Gen:Heur.PonyStealer.wm0@cSzdBlgi
K7GW	Trojan ( 0050971a1 )
Cybereason	malicious.e8e34d
TrendMicro	TSPY_HPFAREIT.SME
Cyren	W32/VBInject.HO3.gen!Eldorado
Symantec	ML.Attribute.HighConfidence
APEX	Malicious
Avast	Win32:InjectorX-gen [Trj]
ClamAV	Win.Packed.Ponystealer-9791237-0
Kaspersky	HEUR:Trojan.Win32.Generic
Ad-Aware	Gen:Heur.PonyStealer.wm0@cSzdBlgi
Sophos	Mal/FareitVB-M
F-Secure	Heuristic.HEUR/AGEN.1126331
DrWeb	Trojan.PWS.Siggen2.59479
Zillya	Trojan.VBKrypt.Win32.266911
Invincea	ML/PE-A + Mal/FareitVB-M
McAfee-GW-Edition	Packed-KR!0FB1384E8E34
Emsisoft	Gen:Heur.PonyStealer.wm0@cSzdBlgi (B)
SentinelOne	Static AI – Malicious PE
Avira	HEUR/AGEN.1126331
MAX	malware (ai score=85)
Antiy-AVL	Trojan/Win32.VBKrypt
Microsoft	Trojan:Win32/Wacatac.D6!ml
Arcabit	Trojan.PonyStealer.E48CBC
ZoneAlarm	HEUR:Trojan.Win32.Generic
GData	Gen:Heur.PonyStealer.wm0@cSzdBlgi
Cynet	Malicious (score: 100)
AhnLab-V3	Win-Trojan/VBKrypt.RP.X1764
McAfee	Packed-KR!0FB1384E8E34
VBA32	Trojan.Packed
Malwarebytes	Trojan.MalPack.VB
Panda	Trj/GdSda.A
ESET-NOD32	a variant of Win32/Injector.DMYI
TrendMicro-HouseCall	TSPY_HPFAREIT.SME
Rising	Malware.Undefined!8.C (TFE:4:N1aXQHKke9)
eGambit	Unsafe.AI_Score_99%
Fortinet	W32/Injector.DOLW!tr
BitDefenderTheta	Gen:NN.ZevbaF.34634.wm0@aSzdBlgi
AVG	Win32:InjectorX-gen [Trj]
CrowdStrike	win/malicious_confidence_100% (D)
Qihoo-360	HEUR/QVM03.0.4AFB.Malware.Gen

How to remove Win32/Injector.DMYI?

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

Win32/Injector.DMYI information