Win32/Injector.ELFM malicious file

Malware Removal

Win32/Injector.ELFM is ESET's detection name for the sample described on this page; most other vendors (see the detection names further down) classify it as a password-stealing trojan of the LokiBot/Fareit kind. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and clean your PC during the trial period.
6-day free trial available.

What can the Win32/Injector.ELFM virus do? (behaviours recorded in a Cuckoo sandbox run)

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Tries to unhook or modify Windows functions monitored by Cuckoo
  • Network activity detected but not expressed in API logs
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Anomalous binary characteristics
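Several of the behaviours above (a packed or encrypted payload, code injected after unpacking) are inferred by the sandbox from byte statistics rather than from any single API call. As an added example, not code from this page or from the sandbox that produced the list, the Python below computes the Shannon-entropy heuristic behind the "encrypted or compressed data" signature and applies it per window so a packed region inside an otherwise ordinary file stands out. The 7.0 bits/byte threshold, the window size and the sample buffers are assumptions constructed for this example.

```python
import math
import random
from collections import Counter


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy of a byte string in bits per byte: 0.0 for empty or single-valued input, at most 8.0."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


def chunk_entropies(data: bytes, chunk_size: int = 1024) -> list:
    """Entropy of each fixed-size window, so a packed region inside an ordinary file stands out."""
    return [shannon_entropy(data[i:i + chunk_size]) for i in range(0, len(data), chunk_size)]


def suspicious_chunks(data: bytes, threshold: float = 7.0, chunk_size: int = 1024) -> list:
    """Indices of windows whose entropy meets the threshold.

    The 7.0 bits/byte cut-off is an assumption made for this example: compressed and
    encrypted data sit close to 8.0, while text and uncompressed code usually fall well below it.
    """
    return [i for i, e in enumerate(chunk_entropies(data, chunk_size)) if e >= threshold]


def likely_packed(data: bytes, threshold: float = 7.0) -> bool:
    """Whole-buffer form of the heuristic behind the 'encrypted or compressed data' signature."""
    return shannon_entropy(data) >= threshold


# Constructed samples; none of these bytes come from the dutchz.exe sample on this page.
_rng = random.Random(2020)
PLAIN_CODE = b"push ebp; mov ebp, esp; sub esp, 0x40; " * 64       # repetitive, low-entropy stand-in for code/text
PACKED_BLOB = bytes(_rng.getrandbits(8) for _ in range(4096))   # deterministic pseudo-random stand-in for a packed section
MIXED_FILE = PLAIN_CODE + PACKED_BLOB                           # a small stub followed by a packed payload

if __name__ == "__main__":
    print(round(shannon_entropy(PLAIN_CODE), 2), likely_packed(PLAIN_CODE))   # low entropy, False
    print(round(shannon_entropy(PACKED_BLOB), 2), likely_packed(PACKED_BLOB)) # near 8.0, True
    print(suspicious_chunks(MIXED_FILE))                                      # windows covering the random tail
```

Run on a real file, the per-window view is the useful one: a legitimate installer also carries compressed resources, so a single high-entropy region is a prompt to look at which section it lives in and whether the entry point leads into it, not a verdict on its own.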

Related domains:

z.whorecord.xyz
a.tomx.xyz

How to identify Win32/Injector.ELFM?

File Info:

crc32: 11C74DA9
md5: 4651edf8f5af1f7cd9ac26f3e6833305
name: dutchz.exe
sha1: 5b2e0425dfc818ecfa618f2abfe2b8b13a336a76
sha256: c2db4f53f12bb523d38f7f18230dbbfec5dbcd40bac5c1c06677ffe815af22ee
sha512: 5512a7eb8e2739bbed01ff1126a84abc3f19254fbc3a518d8e0e7410ffb1b3ad381dff2068edc67d17dabff291c8e1017c40cd3ed1acb51c4b35d296d788ff31
ssdeep: 24576:f0D3f35XsjrmvoCUOYI/IEg5jF3FHMRYIwBUA:8DBzvYOd/uj26+A
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]
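The hashes above and the related domains listed earlier are the indicators on this page that can be matched directly. As an added example that is not part of the original page, the Python below checks a file's md5/sha1/sha256 against the listed hashes and scans DNS query logs for the related domains, counting subdomains of an indicator as hits but not look-alike names. The log format (key=value fields with a query= field) and the sample log lines are constructed for this example.

```python
import hashlib
import re

# Indicators taken from this page: the digests of dutchz.exe and the related domains.
HASH_IOCS = {
    "md5": {"4651edf8f5af1f7cd9ac26f3e6833305"},
    "sha1": {"5b2e0425dfc818ecfa618f2abfe2b8b13a336a76"},
    "sha256": {"c2db4f53f12bb523d38f7f18230dbbfec5dbcd40bac5c1c06677ffe815af22ee"},
}
DOMAIN_IOCS = {"z.whorecord.xyz", "a.tomx.xyz"}


def hash_file_bytes(data: bytes) -> dict:
    """Lowercase hex md5/sha1/sha256 of a file's contents, the three digests the page lists."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matches_hash_iocs(data: bytes, iocs: dict = HASH_IOCS) -> list:
    """Names of the algorithms whose digest of `data` is on the indicator list (empty if none match)."""
    digests = hash_file_bytes(data)
    return [
        algo for algo, value in digests.items()
        if value.lower() in {v.lower() for v in iocs.get(algo, ())}
    ]


def normalize_domain(name: str) -> str:
    """DNS names are case-insensitive and are often logged with a trailing dot."""
    return name.strip().rstrip(".").lower()


def is_ioc_domain(name: str, iocs=DOMAIN_IOCS) -> bool:
    """True for an indicator or any label beneath it (cdn.a.tomx.xyz); False for look-alikes (nota.tomx.xyz)."""
    host = normalize_domain(name)
    for ioc in iocs:
        ioc = normalize_domain(ioc)
        if host == ioc or host.endswith("." + ioc):
            return True
    return False


# Assumed log format for this example: space-separated key=value fields including query=<name>.
QUERY_RE = re.compile(r"\bquery=(\S+)")


def find_dns_hits(log_lines, iocs=DOMAIN_IOCS) -> list:
    """(line_number, queried_name) for every log line that looked up an indicator domain."""
    hits = []
    for lineno, line in enumerate(log_lines, start=1):
        m = QUERY_RE.search(line)
        if m and is_ioc_domain(m.group(1), iocs):
            hits.append((lineno, normalize_domain(m.group(1))))
    return hits


# Constructed sample log, not taken from any real host.
SAMPLE_LOG = [
    "2020-05-12T10:03:11Z client=10.0.0.5 query=www.example.com type=A",
    "2020-05-12T10:03:12Z client=10.0.0.5 query=A.TOMX.XYZ. type=A",
    "2020-05-12T10:03:13Z client=10.0.0.7 query=notz.whorecord.xyz type=A",
    "2020-05-12T10:03:14Z client=10.0.0.5 query=cdn.z.whorecord.xyz type=A",
]

if __name__ == "__main__":
    print(find_dns_hits(SAMPLE_LOG))             # [(2, 'a.tomx.xyz'), (4, 'cdn.z.whorecord.xyz')]
    print(matches_hash_iocs(b"not the sample"))  # []
```

The suffix check is deliberately anchored on a dot: a plain substring or `endswith` test would flag `notz.whorecord.xyz`, which is a different registrable name, while missing nothing that the anchored version catches. Hash matching is exact by design; a repacked build of the same stealer will produce different digests, which is why the behavioural list above matters more than any one hash.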

Win32/Injector.ELFM is also known as (vendor: detection name):

DrWeb: Trojan.PWS.Siggen2.45242
MicroWorld-eScan: Trojan.GenericKD.42869074
Qihoo-360: Win32/Trojan.PSW.086
ALYac: Trojan.GenericKD.42869074
Cylance: Unsafe
Sangfor: Malware
K7AntiVirus: Riskware ( 0040eff71 )
BitDefender: Trojan.GenericKD.42869074
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.5dfc81
TrendMicro: TrojanSpy.Win32.LOKI.SMDF.hp
BitDefenderTheta: Gen:NN.ZelphiF.34104.7GW@aibclJii
F-Prot: W32/Delf.AFC
TrendMicro-HouseCall: TrojanSpy.Win32.LOKI.SMDF.hp
Avast: Win32:Malware-gen
GData: Trojan.GenericKD.42869074
Kaspersky: HEUR:Trojan-PSW.Win32.Agensla.gen
Alibaba: TrojanPSW:Win32/Lokibot.5c68db5f
AegisLab: Trojan.Multi.Generic.4!c
Rising: Trojan.Injector!1.AF18 (CLASSIC)
Ad-Aware: Trojan.GenericKD.42869074
Emsisoft: Trojan.GenericKD.42869074 (B)
Comodo: Malware@#1pa7ktffkgeew
F-Secure: Trojan.TR/Injector.qfpkl
Invincea: heuristic
McAfee-GW-Edition: BehavesLike.Win32.Fareit.dc
Trapmine: malicious.high.ml.score
FireEye: Generic.mg.4651edf8f5af1f7c
Sophos: Mal/Fareit-V
Ikarus: Trojan.Inject
Cyren: W32/Delf.AAHN-3671
Jiangmin: Backdoor.MSIL.csnh
Webroot: W32.Malware.gen
Avira: TR/Injector.qfpkl
MAX: malware (ai score=86)
Antiy-AVL: GrayWare/Win32.Generic
Endgame: malicious (high confidence)
Arcabit: Trojan.Generic.D28E2152
ZoneAlarm: HEUR:Trojan-PSW.Win32.Agensla.gen
Microsoft: Trojan:Win32/Lokibot.G!MTB
AhnLab-V3: Suspicious/Win.Delphiless.X2059
Acronis: suspicious
McAfee: Artemis!4651EDF8F5AF
VBA32: Trojan.Sonbokli
Malwarebytes: Backdoor.NanoCore
Panda: Trj/CI.A
APEX: Malicious
ESET-NOD32: a variant of Win32/Injector.ELFM
Tencent: Win32.Trojan-qqpass.Qqrob.Pbyv
SentinelOne: DFI – Malicious PE
eGambit: Unsafe.AI_Score_90%
Fortinet: W32/Injector.ELDL!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (W)
MaxSecure: Trojan.Malware.300983.susgen

How to remove Win32/Injector.ELFM?

Win32/Injector.ELFM removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Click “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the appropriate browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.