Categories: Malware

Should I remove “Win32/Injector.DYQM”?

The Win32/Injector.DYQM is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

DOWNLOAD NOW

6-day free trial available.

What Win32/Injector.DYQM virus can do?

Behavioural detection: Executable code extraction – unpacking
Sample contains Overlay data
Reads data out of its own binary image
CAPE extracted potentially suspicious content
The binary likely contains encrypted or compressed data.
Authenticode signature is invalid
A scripting utility was executed
CAPE detected the embedded win api malware family
Anomalous binary characteristics
Yara detections observed in process dumps, payloads or dropped files

How to determine Win32/Injector.DYQM?


File Info:
name: 316F272585C49267BB46.mlwpath: /opt/CAPEv2/storage/binaries/c56d51f415f144a35998299b75443a0cba0bc79775e6e299670912a2165cd105crc32: 7BEF60F5md5: 316f272585c49267bb46080d11607889sha1: 760fbdd7f66dd4c2c865c2da4735586d21db96bdsha256: c56d51f415f144a35998299b75443a0cba0bc79775e6e299670912a2165cd105sha512: ca5ae55868dedbd531f88d1e2b981bb27f6ea55366d99650864ba021988773569f82ec0c9f11518e4a682f924e79ec3d3c656405dbe4010cd34ea6e1f6e879d1ssdeep: 12288:sBI+rbqqJh6YJwA3Q2aNeIWJ94FVftGQ1qcr4g6wdEnhNkMYg3LidUka:sbZJXJ7A2aIVJ94FJtDj4gdmXh3udU9type: PE32 executable (GUI) Intel 80386, for MS Windowstlsh: T1BF05C0866B61F4D9C54AA1F1589194F0C66FFEF95605823F3422F78DD230BB28C9AF42sha3_384: e0fe2e584e1786b4d203dcba365e5adf6da91cdae7f4c15590ff9ef86fc86929974820eb5b79dcc7d986057f6d5b7524ep_bytes: 6888144000e8eeffffff000000000000timestamp: 2009-04-11 11:14:01
Version Info:
Translation: 0x0409 0x04b0Comments: chEAT eNGINVCompanyName: Tho eNIGMO PROTECTor DEVELOPers teaMFileDescription: GP, onz.LegalTrademarks: acEAProductName: frEO yiMCFileVersion: 4.01ProductVersion: 4.01InternalName: UntastedOriginalFilename: Untasted.exe

Win32/Injector.DYQM also known as:

Bkav	W32.AIDetectMalware
Lionic	Trojan.Win32.VBKrypt.4!c
Elastic	malicious (high confidence)
MicroWorld-eScan	Win32.Hematite.C
ClamAV	Win.Dropper.LokiBot-9347987-0
FireEye	Generic.mg.316f272585c49267
Skyhigh	Fareit-FKM!316F272585C4
ALYac	Win32.Hematite.C
Cylance	unsafe
Zillya	Trojan.VBKrypt.Win32.301691
Sangfor	Suspicious.Win32.Save.vb
CrowdStrike	win/malicious_confidence_100% (W)
Alibaba	Trojan:Win32/VBKrypt.743c0a85
K7GW	Trojan ( 005345f41 )
K7AntiVirus	Trojan ( 005345f41 )
Symantec	ML.Attribute.HighConfidence
ESET-NOD32	a variant of Win32/Injector.DYQM
APEX	Malicious
Cynet	Malicious (score: 100)
Kaspersky	Trojan.Win32.VBKrypt.znto
BitDefender	Win32.Hematite.C
NANO-Antivirus	Trojan.Win32.VBKrypt.fegafh
Avast	Win32:Malware-gen
Rising	Trojan.Injector!8.C4 (TFE:4:4jzfenTC3oO)
Sophos	Mal/FareitVB-AB
VIPRE	Win32.Hematite.C
TrendMicro	TrojanSpy.Win32.LOKI.SM.hp
Emsisoft	Win32.Hematite.C (B)
SentinelOne	Static AI – Malicious PE
GData	Win32.Trojan.PSE.6FIT59
Jiangmin	RiskTool.StartPage.km
Google	Detected
Antiy-AVL	Trojan/Win32.VBKrypt
Kingsoft	malware.kb.a.1000
Arcabit	Win32.Hematite.C
ZoneAlarm	Trojan.Win32.VBKrypt.znto
Microsoft	Trojan:Win32/Upatre
Varist	W32/Fareit.FR.gen!Eldorado
AhnLab-V3	Win-Trojan/VBKrypt.RP08.X1976
McAfee	Fareit-FKM!316F272585C4
MAX	malware (ai score=80)
Malwarebytes	Generic.Malware.AI.DDS
TrendMicro-HouseCall	TrojanSpy.Win32.LOKI.SM.hp
Tencent	Malware.Win32.Gencirc.115a6e5c
Yandex	Trojan.Agent!qZOi9rjqwEc
Ikarus	Trojan-Banker.TrickBot
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/GenKryptik.FGZN!tr
BitDefenderTheta	AI:Packer.59FAB2A01F
AVG	Win32:Malware-gen
Cybereason	malicious.7f66dd
DeepInstinct	MALICIOUS