
VirTool:Win32/DelfInject.gen!AG


First posted on 03 January 2020.
Source: Microsoft

Aliases :

There are no other names known for VirTool:Win32/DelfInject.gen!AG.

Explanation :

VirTool:Win32/DelfInject.gen!AG is a generic detection for malicious files that are obfuscated using particular techniques to protect them from detection or analysis. A malicious file is generally encrypted and/or compressed and stored inside another program, which decodes the malicious file and loads it. The malicious program may be injected into a clean process or loaded in a new process of its own. Unlike a “dropper”, the malicious executable is never written to disk as a separate file. VirTool:Win32/DelfInject.gen has been used with a variety of different malware, especially several families of IM-spreading IRC bots such as Worm:Win32/Scrimge, Worm:Win32/Slenfbot and Worm:Win32/Pushbot. Other malware families such as Win32/Rimecud, Win32/Zbot and Win32/Hamweq have also been observed using DelfInject.

Last update 03 January 2020

 
