Virus.CeeInject.gen!IF

By CagedTech in Viruses

Threat Scorecard

Popularity Rank: 1,688
Threat Level: 10 % (Normal)
Infected Computers: 160,025
First Seen: October 23, 2012
Last Seen: January 23, 2026
OS(es) Affected: Windows

Aliases

15 security vendors flagged this file as malicious.

Antivirus Vendor Detection
AVG Dropper.Generic6.CEKP
Ikarus Trojan.Win32.Yakes
AntiVir TR/Dropper.Gen8
Kaspersky HEUR:Trojan.Win32.Generic
Avast Win32:Crypt-NXP [Trj]
Panda Suspicious file
Fortinet W32/Crypt.BBCM!tr
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Suspicious-BAY.K
AntiVir TR/Graftor.43893
Sophos Troj/Agent-XYV
BitDefender Gen:Variant.Graftor.43893
Kaspersky Trojan-Ransom.Win32.Foreign.qyo
Panda Trj/CI.A
AVG Dropper.Generic6.CEYD
Fortinet W32/Androm.KZ!tr.bdr

File System Details

Virus.CeeInject.gen!IF may create the following file(s):
# File Name MD5 Detections
1. ctfmon.exe 23a35d78c169a3cc1c9cbd02354fa92d 4
2. mswwmo.exe 22fdd2685dd9529bf84b6e178f8f9d95 2
3. system.exe 722c633baa70feb64d2da4b26c00c351 2

Analysis Report

General information

Family Name: PUP.Patcher.CA
Signature status: No Signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have security information
  • File has exports table
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

File Traits

  • HighEntropy
  • No Version Info
  • x86

Block Information

Total Blocks: 4
Potentially Malicious Blocks: 3
Whitelisted Blocks: 1
Unknown Blocks: 0

Visual Map

x x x 0
0 - Probable Safe Block
? - Unknown Block
x - Potentially Malicious Block

Similar Families

  • Patcher.C
  • Patcher.CA

Files Modified


Registry Modifications

Key::Value Data API Name
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey

Windows API Usage

Category API
Anti Debug
  • IsDebuggerPresent
User Data Access
  • GetUserObjectInformation
Keyboard Access
  • GetKeyState
Process Manipulation Evasion
  • NtUnmapViewOfSection
Process Shell Execute
  • ShellExecuteEx

Shell Command Execution

(NULL) FlashFXP
