zeroinjector v2.exe

Zero // Injector

Powered by www.oldschoolhack.de

The application zeroinjector v2.exe ("Zero DLL Injector") has been detected as a potentially unwanted program by 9 anti-malware scanners. This is a setup program used to install the application. The file has been seen being downloaded from www.oldschoolhack.me and multiple other hosts.

Publisher:
Powered by www.oldschoolhack.de

Product:
Zero // Injector

Description:
Zero DLL Injector

Version:
1.0.0.0

MD5:
5b9247c4673facb622e75c5bc52b0657

SHA-1:
3eb4f04a9dea14359cdd43b910b470c8cdf1464d

SHA-256:
68ae6818a3cba274f504ab1555c4d774e8208a92f794bf33baa37018f2640ce5

Scanner detections:
9 / 68

Status:
Potentially unwanted

Analysis date:
11/27/2024 8:48:41 PM UTC

| Scan engine | Detection | Engine version |
|---|---|---|
| Avira AntiVirus | TR/Inject.2187776 | 8.3.3.2 |
| avast! | Win32:Malware-gen | 2014.9-160303 |
| Baidu Antivirus | Hacktool.MSIL.DllInject | 4.0.3.1633 |
| ESET NOD32 | MSIL/DllInject.BL potentially unsafe (variant) | 10.13100 |
| K7 AntiVirus | Unwanted-Program | 13.214.18879 |
| McAfee | Artemis!5B9247C4673F | 5600.6471 |
| NANO AntiVirus | Trojan.Win32.Inject.dzejlx | 1.0.14.6204 |
| Qihoo 360 Security | HEUR/QVM03.0.Malware.Gen | 1.0.0.1120 |
| VIPRE Antivirus | Trojan.Win32.Generic | 47548 |

File size:
2.1 MB (2,187,776 bytes)

Product version:
1.0.0.0

Copyright:
Copyright © 2015

Trademarks:
Zero // Injector

Original file name:
CrazywinksDLLinjectionTutorial.exe

File type:
Executable application (Win32 EXE)

File PE Metadata
Compilation timestamp:
12/4/2015 7:11:00 PM

OS version:
4.0

OS bitness:
Win32

Subsystem:
Windows GUI

Linker version:
11.0

.NET CLR dependent:
Yes

CTPH (ssdeep):
49152:rqMxbifi1ZD/QGewo+JbMjSQc0BUrc8pudiIS/iGkk3O:W6bikFQwo+JaSQcjRpuMXHk

Entry address:
0x215BBE

Developed / compiled with:
Microsoft Visual C# / Basic .NET

Code size:
2.1 MB (2,178,048 bytes)

The file zeroinjector v2.exe has been seen being distributed by the following 15 URLs.
