
VirTool:Win32/DelfInject.gen!BV


First posted on 16 February 2019.
Source: Microsoft

Aliases :

There are no other names known for VirTool:Win32/DelfInject.gen!BV.

Explanation :

VirTool:Win32/DelfInject.gen!BV is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis. A malicious file is generally encrypted and/or compressed and stored inside another program, which decodes the malicious file and loads it. The malicious program may be injected into a clean process or loaded in a new process of its own. Unlike a "dropper", the malicious executable is never written to disk as a separate file. VirTool:Win32/DelfInject.gen has been used on a variety of different malware, especially several different families of Instant Messaging (IM)-spreading Internet Relay Chat (IRC) bots such as Worm:Win32/Scrimge, Worm:Win32/Slenfbot and Worm:Win32/Pushbot. Other malware families such as Win32/Rimecud, Win32/Zbot and Win32/Hamweq have also been observed using DelfInject.

Last update 16 February 2019

 
