F-Secure
Tools
Trojan:W32/DelfInject.gen!H
| Name : | Trojan:W32/DelfInject.gen!H |
| Detection Names : |
Trojan:W32/DelfInject.gen!H |
| Category: | Malware |
| Type: | Trojan |
| Platform: | W32 |
Summary
A trojan, or trojan horse, is a seemingly legitimate program which secretly performs other, usually malicious, functions. It is usually user-initiated and does not replicate.
Additional Details
Trojan:W32/DelfInject.gen!H is a Generic Detection for malicious files that arrives together with a special encapsulation code or program.
The malicious file is embedded in this program and utilizes several protection mechanism such as anti-debug, encryption, virtual machine detection and other related anti-antivirus techniques. The program may also inject the stored malicious file into a legitimate process thus hiding its own process.
The majority of malware that use this technique are Trojan-Downloaders; however, we have also seen it used by backdoors as another level of protection.
About Generic Detections
Unlike more traditional detections (also known as signatures or single-file detections) a Generic Detection does not identify a unique or individual malicious program. Instead, a Generic Detection looks for broadly applicable code or behavior characteristics that indicate a file as potentially malicious, so that a single Generic Detection can efficiently identify dozens, or even hundreds of malware.
The malicious file is embedded in this program and utilizes several protection mechanism such as anti-debug, encryption, virtual machine detection and other related anti-antivirus techniques. The program may also inject the stored malicious file into a legitimate process thus hiding its own process.
The majority of malware that use this technique are Trojan-Downloaders; however, we have also seen it used by backdoors as another level of protection.
About Generic Detections
Unlike more traditional detections (also known as signatures or single-file detections) a Generic Detection does not identify a unique or individual malicious program. Instead, a Generic Detection looks for broadly applicable code or behavior characteristics that indicate a file as potentially malicious, so that a single Generic Detection can efficiently identify dozens, or even hundreds of malware.