Win32/Injector.EJCX information

The Win32/Injector.EJCX is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

What Win32/Injector.EJCX virus can do?

Executable code extraction
Creates RWX memory
Unconventionial language used in binary resources: Chinese (Traditional)
The binary likely contains encrypted or compressed data.
Anomalous binary characteristics

How to determine Win32/Injector.EJCX?


File Info:
crc32: 67F40FBD
md5: d9160e846a7dd1f58b972a5550999999
name: 1.exe
sha1: e469d8d8cfb0229debf5b978c12fec6d4732d080
sha256: 10084850b03a65bc94899e41680e6207ab71c6b96a7bf65f6086fbba41cc7b5c
sha512: f91d667a89311b035d6044e9b9e4e1f73160f8528a44ccb3f6b3a8352541339787e4e9e5f9b06b584caf4c5fbc2484a4a9d5e6fad4e9c9389d60ee6e0d2c93a8
ssdeep: 24576:npL+fmJcXKtqGqiyj9MkTXh6NFDWzJaMU:nqec6BRytTx6NZO
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:
Translation: 0x0404 0x04b0
InternalName: TRuciolato
FileVersion: 5.02.0006
CompanyName: ASus
ProductName: GLobalLink
ProductVersion: 5.02.0006
OriginalFilename: TRuciolato.exe

Win32/Injector.EJCX also known as:

McAfee	Fareit-FQQ!D9160E846A7D
Cylance	Unsafe
Cybereason	malicious.8cfb02
BitDefenderTheta	Gen:NN.ZevbaF.32515.!m0@aK6xlgib
Cyren	W32/Injector.VE.gen!Eldorado
ESET-NOD32	a variant of Win32/Injector.EJCX
APEX	Malicious
Paloalto	generic.ml
Kaspersky	UDS:DangerousObject.Multi.Generic
McAfee-GW-Edition	BehavesLike.Win32.Fareit.fh
Fortinet	W32/Injector.EJCR!tr
Trapmine	malicious.moderate.ml.score
FireEye	Generic.mg.d9160e846a7dd1f5
Sophos	Mal/FareitVB-X
SentinelOne	DFI – Malicious PE
F-Prot	W32/Injector.VE.gen!Eldorado
Endgame	malicious (high confidence)
Microsoft	Trojan:Win32/Casur.A!cl
ZoneAlarm	UDS:DangerousObject.Multi.Generic
AhnLab-V3	Trojan/Win32.Fuery.R300868
Acronis	suspicious
Panda	Trj/GdSda.A
Ikarus	Win32.Outbreak
MaxSecure	Trojan.Malware.300983.susgen
CrowdStrike	win/malicious_confidence_100% (W)
Qihoo-360	HEUR/QVM03.0.7649.Malware.Gen

How to remove Win32/Injector.EJCX?

Win32/Injector.EJCX removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X