Win32/Injector.EKIU removal

Win32/Injector.EKIU is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.EKIU virus do?

  • Executable code extraction
  • Creates RWX memory
  • Uses Windows utilities for basic functionality
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs

How to identify Win32/Injector.EKIU?


File Info:

crc32: 619DE342
md5: 67d2129bbaa9e52fa9387cd9f0ec64bc
name: jan22.bin
sha1: f7aad87a6a657cb6bb317cf13a613b15a311f5ab
sha256: 22f503023060f742698fa8180cb18ab09515fa7ab6a881907705145040c91e11
sha512: 9cb57345f827f76fa93d80bcb51aef9c8b2261a742d7424cbc9b846e9f604a92c452663262b61f046264ec28869c7b92fd991f64a91b2f799fd4ca12f9d5b52a
ssdeep: 3072:KJy+bnr+O1c5GWp1icKAArDZz4N9GhbkrNEk1xU/ttYhVoD:KJy+bnr+/p0yN90QEB/t0i
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: © Microsoft Corporation. All rights reserved.
InternalName: Wextract
FileVersion: 11.00.17763.1 (WinBuild.160101.0800)
CompanyName: Microsoft Corporation
ProductName: Internet Explorer
ProductVersion: 11.00.17763.1
FileDescription: Win32 Cabinet Self-Extractor
OriginalFilename: WEXTRACT.EXE .MUI
Translation: 0x0409 0x04b0

Win32/Injector.EKIU also known as:

FireEye: Generic.mg.67d2129bbaa9e52f
Qihoo-360: Generic/Trojan.fe9
ALYac: Backdoor.Remcos.A
Cylance: Unsafe
AegisLab: Trojan.Multi.Generic.4!c
Sangfor: Malware
K7AntiVirus: Riskware ( 0040eff71 )
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.a6a657
APEX: Malicious
Avast: Win32:Trojan-gen
GData: Win32.Trojan.Injector.VO0473
Kaspersky: Trojan.Win32.Vebzenpak.bfw
Alibaba: Trojan:Win32/Vebzenpak.ab1be46b
Sophos: Mal/Generic-S
F-Secure: Trojan.TR/Injector.ladwk
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Dropper.dm
Ikarus: Trojan-Spy.Agent
Webroot: W32.Trojan.Gen
Avira: TR/Injector.laxfb
Endgame: malicious (high confidence)
ZoneAlarm: Trojan.Win32.Vebzenpak.bfw
Microsoft: Trojan:Win32/Tiggre!rfn
McAfee: RDN/Generic.dx
Malwarebytes: Trojan.Injector
ESET-NOD32: a variant of Win32/Injector.EKIU
Rising: Trojan.Injector!8.C4 (CLOUD)
Fortinet: W32/EKIU!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_60% (W)

How to remove Win32/Injector.EKIU?

Win32/Injector.EKIU removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
