Home / malwarePDF  


First posted on 29 March 2020.
Source: Microsoft

Aliases :

There are no other names known for VirTool:Win32/VBInject.VI.

Explanation :

VirTool:Win32/VBInject.VI is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis. A malicious file is generally encrypted and/or compressed and stored inside another program, which decodes the malicious file and loads it. The malicious program may be injected into a clean process or loaded in a new process of its own. Unlike a “dropper”, the malicious executable is never written to disk as a separate file. Malicious programs detected as VirTool:Win32/VBInject.VI can have virtually any purpose, as this technique is utilized by many different malware families in the wild in order to protect them from detection or analysis.

Last update 29 March 2020