Win32/Injector.DLQI [Threat Name] go to Threat

Win32/Injector.DLQI [Threat Variant Name]

Category trojan
Size 598016 B
Detection created Feb 22, 2017
Detection database version 14981
Aliases Trojan.Win32.Nymaim.zao (Kaspersky)
  Trojan.Nymaim.B (Symantec)
  Trojan.Nymaim.143 (Dr.Web)
  VirTool:Win32/CeeInject!bit (Microsoft)
Short description

Win32/Injector.DLQI is generic detection of malicious obfuscated code within files with PE32 (Portable Executable, 32-bit) format.

Installation

The trojan does not create any copies of itself.

Other information

The trojan launches the following processes:

  • %malwarefilepath%
  • %defaultbrowser%
  • %windir%\­Microsoft.NET\­Framework\­v2.0.50727\­CasPol.exe

The trojan creates and runs a new thread with its own code within these running processes.


The trojan usually contains the program code of the following malware:

  • Win32/TrojanDownloader.Nymaim.BA
  • Win32/Filecoder.ED

Please enable Javascript to ensure correct displaying of this content and refresh this page.