How to remove “Win32/Injector.ELEJ”?

Win32/Injector.ELEJ is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.ELEJ virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • Executed a process and injected code into it, probably while unpacking
  • Installs itself for autorun at Windows startup
  • Network activity detected but not expressed in API logs
  • Creates a copy of itself
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Win32/Injector.ELEJ?


File Info:

crc32: 8CA04C05
md5: c7146bd7224de727acdb7ade25798581
name: clip.exe
sha1: ca211f5a825496f5105fdfd71f052d131184a858
sha256: eeb8a5be31859801d6f5fbf037403f1be3ef35b62165111f79b28cd51c681d40
sha512: 9fbe0b4c8eb92f39904a7ca5c1602c8b94b3bd90f56fc50c886cacd8bbad9390da99f00bb8d2439ab91fb69af846ff3d9ecfceed01e274603ed301e2f67504be
ssdeep: 12288:FrlEblPV33kdjH48U/R/P2+eKgn3XT1aft1R5PI8GL:9CH33kdjqGVjHUf3YL
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Win32/Injector.ELEJ also known as:

MicroWorld-eScan: Trojan.GenericKD.42877794
FireEye: Generic.mg.c7146bd7224de727
Qihoo-360: HEUR/QVM05.1.127D.Malware.Gen
Cylance: Unsafe
BitDefender: Trojan.GenericKD.42877794
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.a82549
Invincea: heuristic
BitDefenderTheta: Gen:NN.ZelphiF.34100.SGW@aiJC3uii
ESET-NOD32: a variant of Win32/Injector.ELEJ
TrendMicro-HouseCall: TrojanSpy.Win32.LOKI.SMDF.hp
Avast: Win32:Trojan-gen
GData: Trojan.GenericKD.42877794
Kaspersky: HEUR:Trojan-Banker.Win32.ClipBanker.gen
AegisLab: Trojan.Win32.ClipBanker.7!c
Ad-Aware: Trojan.GenericKD.42877794
Sophos: Mal/Fareit-V
F-Secure: Trojan.TR/Injector.ipxue
DrWeb: Trojan.Siggen9.23406
TrendMicro: TrojanSpy.Win32.LOKI.SMDF.hp
McAfee-GW-Edition: BehavesLike.Win32.Trojan.bh
Trapmine: malicious.high.ml.score
Emsisoft: Trojan.GenericKD.42877794 (B)
APEX: Malicious
Webroot: W32.Malware.Gen
Avira: TR/Injector.ipxue
Antiy-AVL: Trojan[Banker]/Win32.ClipBanker
Endgame: malicious (high confidence)
Arcabit: Trojan.Generic.D28E4362
AhnLab-V3: Suspicious/Win.Delphiless.X2059
ZoneAlarm: HEUR:Trojan-Banker.Win32.ClipBanker.gen
Microsoft: Trojan:Win32/Wacatac.C!ml
Acronis: suspicious
McAfee: Artemis!C7146BD7224D
MAX: malware (ai score=82)
Panda: Trj/CI.A
Rising: Trojan.Injector!1.AFE3 (CLOUD)
Ikarus: Trojan.Win32.Injector
eGambit: Unsafe.AI_Score_99%
Fortinet: W32/Injector.ELDT!tr
AVG: Win32:Trojan-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_90% (W)

How to remove Win32/Injector.ELEJ?

Win32/Injector.ELEJ removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
