Virus.CeeInject.gen!IF

By CagedTech in Viruses

Threat Scorecard

Popularity Rank: 1,165
Threat Level: 10 % (Normal)
Infected Computers: 160,258
First Seen: October 23, 2012
Last Seen: April 6, 2026
OS(es) Affected: Windows

Aliases

15 security vendors flagged this file as malicious.

Antivirus Vendor Detection
AVG Dropper.Generic6.CEKP
Ikarus Trojan.Win32.Yakes
AntiVir TR/Dropper.Gen8
Kaspersky HEUR:Trojan.Win32.Generic
Avast Win32:Crypt-NXP [Trj]
Panda Suspicious file
Fortinet W32/Crypt.BBCM!tr
McAfee-GW-Edition Heuristic.BehavesLike.Win32.Suspicious-BAY.K
AntiVir TR/Graftor.43893
Sophos Troj/Agent-XYV
BitDefender Gen:Variant.Graftor.43893
Kaspersky Trojan-Ransom.Win32.Foreign.qyo
Panda Trj/CI.A
AVG Dropper.Generic6.CEYD
Fortinet W32/Androm.KZ!tr.bdr

File System Details

Virus.CeeInject.gen!IF may create the following file(s):
# File Name MD5 Detections
1. ctfmon.exe 23a35d78c169a3cc1c9cbd02354fa92d 4
2. mswwmo.exe 22fdd2685dd9529bf84b6e178f8f9d95 2
3. system.exe 722c633baa70feb64d2da4b26c00c351 2

Analysis Report

General information

Family Name: PUP.Patcher.CA
Signature status: No Signature

Known Samples


Windows Portable Executable Attributes

  • File doesn't have "Rich" header
  • File doesn't have debug information
  • File doesn't have exports table
  • File doesn't have relocations information
  • File doesn't have security information
  • File has exports table
  • File is 32-bit executable
  • File is either console or GUI application
  • File is GUI application (IMAGE_SUBSYSTEM_WINDOWS_GUI)
  • File is Native application (NOT .NET application)
  • File is not packed
  • IMAGE_FILE_DLL is not set inside PE header (Executable)
  • IMAGE_FILE_EXECUTABLE_IMAGE is set inside PE header (Executable Image)

Windows PE Version Information

Name Value
Company Name Microsoft
File Version 1.00
Internal Name Win
Original Filename Win.exe
Product Name Win
Product Version 1.00

File Traits

  • HighEntropy
  • No Version Info
  • x86

Similar Families

  • Patcher.C
  • Patcher.CA

Files Modified

File Attributes

Registry Modifications

Key::Value Data API Name
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::proxybypass  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::intranetname  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::uncasintranet  RegNtPreCreateKey
HKCU\software\microsoft\windows\currentversion\internet settings\zonemap::autodetect RegNtPreCreateKey

Windows API Usage

Category API
Anti Debug
  • IsDebuggerPresent
User Data Access
  • GetUserObjectInformation
Keyboard Access
  • GetKeyState
Process Manipulation Evasion
  • NtUnmapViewOfSection
Process Shell Execute
  • ShellExecuteEx
Other Suspicious
  • SetWindowsHookEx

Shell Command Execution

(NULL) FlashFXP
