Win32/Injector.ERXX information

The Win32/Injector.ERXX is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Win32/Injector.ERXX virus can do?

Unconventionial language used in binary resources: Arabic (Libya)
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid

How to determine Win32/Injector.ERXX?


File Info:
name: 60415750B537FC226DF8.mlw
path: /opt/CAPEv2/storage/binaries/8484368e9aec89fbdf150820a81eb288ead102a38d7a4bd121ea57e4e2e77118
crc32: BDC3AFAD
md5: 60415750b537fc226df86067b292410f
sha1: f59cb4602dbfbb3efe29e9b5edf95379ad9b958b
sha256: 8484368e9aec89fbdf150820a81eb288ead102a38d7a4bd121ea57e4e2e77118
sha512: 7fa2af892f6a351e66bbc551aca9d0caff61a1aa152f456de820c17613ce832799c2042dc3f8da2432e6cdbbf601c1070862244efb612b085d49c65e0e818ea5
ssdeep: 24576:rCVdbzLYJJqC//t8MatE2RCYxaWL1kDbF:rqsJIcll+3Cf
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1F4457D33F2918833D1B21A789D5B96DC98297E143D38588A3FED3E4C4F39A817D25297
sha3_384: 4071ea1fbe7925383c730a1c02b8900cc3bbe21cfe44c20ace8d6936197eb6adbd6eee1e78b0aa1f604fc43d440cffd7
ep_bytes: 558bec83c4f0b8642e4d00e8203af3ff
timestamp: 1992-06-19 22:22:17

Version Info:
InternalName: hur7 
LegalCopyright: C opyright (c) 1999-2011 Igor Pavlov
OriginalFilename: 7 z.exe
ProductName: 7-Zip
ProductVersion: 9.23 alpha
Translation: 0x0409 0x04b0

Win32/Injector.ERXX also known as:

Bkav	W32.AIDetect.malware2
MicroWorld-eScan	Trojan.GenericKDZ.90507
ALYac	Trojan.GenericKDZ.90507
K7AntiVirus	Trojan ( 005690671 )
K7GW	Trojan ( 005690671 )
Cyren	W32/Injector.BAI.gen!Eldorado
Elastic	malicious (moderate confidence)
ESET-NOD32	a variant of Win32/Injector.ERXX
APEX	Malicious
BitDefender	Trojan.GenericKDZ.90507
Avast	Win32:PWSX-gen [Trj]
Ad-Aware	Trojan.GenericKDZ.90507
VIPRE	Trojan.GenericKDZ.90507
FireEye	Trojan.GenericKDZ.90507
GData	Trojan.GenericKDZ.90507
Antiy-AVL	Trojan/Generic.ASMalwS.720E
Arcabit	Trojan.Generic.D1618B
Microsoft	Trojan:Win32/Sabsik.FL.A!ml
AhnLab-V3	Trojan/Win.Generic.R508619
McAfee	GenericRXTU-HZ!60415750B537
MAX	malware (ai score=88)
Ikarus	Backdoor.Agent
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/Injector.ERXX!tr
BitDefenderTheta	Gen:NN.ZelphiF.34582.hH0@aCH5vspO
AVG	Win32:PWSX-gen [Trj]
Panda	Trj/Genetic.gen

How to remove Win32/Injector.ERXX?

Win32/Injector.ERXX removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X