Win32/Injector.EKMO (file analysis)

Malware Removal

The Win32/Injector.EKMO is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

ribbon

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
THANK YOU!
DOWNLOAD NOW
On Going Offer

What Win32/Injector.EKMO virus can do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Attempts to modify proxy settings
  • Collects information to fingerprint the system
  • Anomalous binary characteristics

Related domains:

mikeservers.eu

How to determine Win32/Injector.EKMO?


File Info:

crc32: 15197C26
md5: a35807cd90bbe720b896c6d1fdef5565
name: kingz.exe
sha1: 1d6dd018476fe1b263102957b4d2962bd4f59c47
sha256: c315549695f476577946114e2531f1eae8f655a4e51a15f05f83d660deecf32b
sha512: 245dab8ed5049f0c36ab2538a879624e30a3801ff61bf8d1801fcc3beb61f6790e5325a7c24af449d07f6eb0ea464e70a0c57a9f21cd7b77b0616f6a41486b21
ssdeep: 12288:JYFdA3mMWw+waJP9QIaRZW9Xk2BcKja0nO011/c1IV3Tz:JYTU2wO90Tq0yPa0O01IIJTz
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Injector.EKMO also known as:

DrWebTrojan.PWS.Siggen2.43344
FireEyeGeneric.mg.a35807cd90bbe720
Qihoo-360HEUR/QVM05.1.2EE1.Malware.Gen
CylanceUnsafe
SangforMalware
K7AntiVirusRiskware ( 0040eff71 )
K7GWRiskware ( 0040eff71 )
Cybereasonmalicious.8476fe
BitDefenderThetaGen:NN.ZelphiF.34090.TGW@a8k6kwhi
APEXMalicious
Paloaltogeneric.ml
AlibabaTrojan:Win32/Fareit.fa088d59
AvastWin32:Trojan-gen
RisingMalware.Heuristic!ET#94% (RDMK:cmRtazo/4BZ9ATz7fb6AUpL6khVo)
SophosMal/Fareit-V
Invinceaheuristic
McAfee-GW-EditionBehavesLike.Win32.Fareit.bh
Trapminemalicious.high.ml.score
WebrootW32.Trojan.Gen
AviraTR/Injector.uchqk
Endgamemalicious (high confidence)
SUPERAntiSpywareTrojan.Agent/Gen-Dropper
ZoneAlarmHEUR:Trojan-PSW.Win32.Agensla.gen
MicrosoftTrojan:Win32/Wacatac.D!ml
AhnLab-V3Win-Trojan/Delphiless.Exp
Acronissuspicious
McAfeeFareit-FRB!A35807CD90BB
MalwarebytesTrojan.Dropper
ESET-NOD32a variant of Win32/Injector.EKMO
eGambitUnsafe.AI_Score_99%
FortinetW32/Agent.AJFK!tr
PandaTrj/CI.A
CrowdStrikewin/malicious_confidence_100% (W)
MaxSecureTrojan.Malware.300983.susgen

How to remove Win32/Injector.EKMO?

Win32/Injector.EKMO removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

Leave a Comment