Win32/Injector.ECJP information

Malware Removal

Win32/Injector.ECJP is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.ECJP virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Dynamic (imported) function loading detected
  • CAPE extracted potentially suspicious content
  • Unconventional language used in binary resources: Chinese (Traditional)
  • Authenticode signature is invalid
  • CAPE detected the Formbook malware family

How to identify Win32/Injector.ECJP?

File Info:

name: 95EF235F9184DFA1BB48.mlw
path: /opt/CAPEv2/storage/binaries/64a974b2f8075185613de0a3998d46668e499b3960b60c4b3da6e42b5c4b1024
crc32: 59510C89
md5: 95ef235f9184dfa1bb487a3379514fc4
sha1: fb2223b7b0749d231f10ac3072aebb247894a724
sha256: 64a974b2f8075185613de0a3998d46668e499b3960b60c4b3da6e42b5c4b1024
sha512: f3906e227036c87708181e97025bd957654b9287e307d1f326370b28f09d77e553a05708febe76c61509c5b3e14bb7e55158059a4289346d0db76b77dadb16cb
ssdeep: 12288:Ke7xFGz6XiQzXIJDgAESLOkBKSkXHCcLze:Y6XiQzXIJcA3OkBKS6CcL
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T153D4CEEEF9C07FE5CCB031789BA1CD442B7A782B5B80464722B6F904D9767E1E656023
sha3_384: b2598bf85f45fa9a594711d61fd2a44248c0d160c045d42cfa919ce1d3e896d4d59fe21563b6c77ddc69fe6301604fdf
ep_bytes: 6894694000e8eeffffff000000000000
timestamp: 2018-12-05 11:36:23

Version Info:

Translation: 0x0404 0x04b0
Comments: TEST4
CompanyName: sAMsUNG
FileDescription: TEST4
LegalCopyright: TEST4
LegalTrademarks: TEST4
ProductName: TEST4
FileVersion: 1.00
ProductVersion: 1.00
InternalName: Peroxidizements
OriginalFilename: Peroxidizements.exe

Win32/Injector.ECJP also known as:

Bkav: W32.AIDetect.malware2
MicroWorld-eScan: Gen:Heur.PonyStealer.Km0@g4AnNgjb
ALYac: Gen:Heur.PonyStealer.Km0@g4AnNgjb
Cylance: Unsafe
Sangfor: [MICROSOFT VISUAL BASIC 5.0]
K7AntiVirus: Trojan ( 005436831 )
Alibaba: TrojanSpy:Win32/Injector.e5d5f2f1
K7GW: Trojan ( 005436831 )
Cybereason: malicious.f9184d
VirIT: Trojan.Win32.VBPack_Heur
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/Injector.ECJP
APEX: Malicious
Kaspersky: Trojan-Spy.Win32.Noon.xot
BitDefender: Gen:Heur.PonyStealer.Km0@g4AnNgjb
NANO-Antivirus: Trojan.Win32.Noon.flbpzl
Avast: Win32:Trojan-gen
Tencent: Win32.Trojan-spy.Noon.Hvtf
Ad-Aware: Gen:Heur.PonyStealer.Km0@g4AnNgjb
Sophos: ML/PE-A + Troj/Zbot-MVU
Comodo: Malware@#3ndnf6jb5x5x2
DrWeb: Trojan.Fbng.8
Zillya: Trojan.Noon.Win32.11892
TrendMicro: Trojan.Win32.BAMAPANO.SM3.hp
McAfee-GW-Edition: Fareit-FNC!95EF235F9184
FireEye: Generic.mg.95ef235f9184dfa1
Emsisoft: Gen:Heur.PonyStealer.Km0@g4AnNgjb (B)
SentinelOne: Static AI – Suspicious PE
GData: Gen:Heur.PonyStealer.Km0@g4AnNgjb
Jiangmin: TrojanSpy.Noon.ebo
Avira: TR/Dropper.VB.Gen7
MAX: malware (ai score=100)
Microsoft: PWS:Win32/Fareit.K!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Injector.C3070217
McAfee: Fareit-FNC!95EF235F9184
TACHYON: Trojan-Spy/W32.VB-Noon.598016
VBA32: TrojanSpy.Noon
TrendMicro-HouseCall: Trojan.Win32.BAMAPANO.SM3.hp
Rising: Spyware.Noon!8.E7C9 (CLOUD)
Yandex: TrojanSpy.Noon!b1sEVKBgoYk
Ikarus: Trojan.Win32.Krypt
MaxSecure: Trojan.Malware.74105928.susgen
Fortinet: W32/Injector.ECJP!tr
BitDefenderTheta: Gen:NN.ZevbaF.34712.Km0@a4AnNgjb
AVG: Win32:Trojan-gen
Panda: Trj/GdSda.A
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Win32/Injector.ECJP?

Win32/Injector.ECJP removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.