AIT.Acapulco.8.Gen removal instructions

AIT.Acapulco.8.Gen is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the AIT.Acapulco.8.Gen virus do?

  • Executable code extraction
  • Injection (inter-process)
  • Injection (Process Hollowing)
  • Creates RWX memory
  • The binary likely contains encrypted or compressed data.
  • Executed a process and injected code into it, probably while unpacking
  • Network activity detected but not expressed in API logs

How to identify AIT.Acapulco.8.Gen?

File Info:

crc32: 8DE63674
md5: 341d91cbc02b0108b52c17c218b68c4c
name: winlog.exe
sha1: 1b4a080701b757f420b523921fd59f52d7960d9d
sha256: cd1b06f7fd3f246722daff9140a2c35035522797479600479a0bd91d641482a1
sha512: 1e463f4d44b15600a8aab81612f787a116ab3046a691b4d8a8bd05bcd46d5833783c9f201b2ec1344631e5adbc5c32c5b8bf9b313025568d88b018f2a0b85bc9
ssdeep: 24576:jtb20pkaCqT5TBWgNQ7aj3KBg3zmCGCGxK40O5Dos+5rJwWvIgWPWNI0tLUlUdP:gVg5tQ7ajCJ50EoxrKWwtWNI0tMc5
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

Translation: 0x0809 0x04b0

AIT.Acapulco.8.Gen also known as:

MicroWorld-eScan: AIT.Acapulco.8.Gen
FireEye: Generic.mg.341d91cbc02b0108
McAfee: Artemis!341D91CBC02B
Cylance: Unsafe
AegisLab: Trojan.Script.Generic.4!c
BitDefender: AIT.Acapulco.8.Gen
K7GW: Trojan ( 005671bd1 )
Cybereason: malicious.701b75
Invincea: heuristic
Symantec: Trojan.Gen.MBT
APEX: Malicious
Avast: Script:SNH-gen [Trj]
GData: AIT.Acapulco.8.Gen
Kaspersky: HEUR:Trojan.Script.Generic
Alibaba: Trojan:Win32/Injector.2712b191
Endgame: malicious (high confidence)
F-Secure: Trojan.TR/AD.Swotter.hys
DrWeb: Trojan.Siggen9.47967
Emsisoft: AIT.Acapulco.8.Gen (B)
Ikarus: Win32.Outbreak
Cyren: W32/AutoIt.OM.gen!Eldorado
Avira: TR/AD.Swotter.hys
MAX: malware (ai score=87)
Antiy-AVL: GrayWare/Autoit.BinToStr.a
Microsoft: Trojan:Win32/Predator.ARA!MTB
Arcabit: AIT.Acapulco.8.Gen
ZoneAlarm: HEUR:Trojan.Script.Generic
Malwarebytes: Trojan.MalPack.AutoIt.Generic
Panda: Trj/CI.A
ESET-NOD32: a variant of Win32/Injector.Autoit.FHY
TrendMicro-HouseCall: TROJ_GEN.R002H01EL20
Rising: Trojan.Obfus/Autoit!1.C6C8 (CLASSIC)
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: AutoIt/Injector.FHI!tr
Ad-Aware: AIT.Acapulco.8.Gen
AVG: Script:SNH-gen [Trj]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_60% (W)
Qihoo-360: Generic/Trojan.Script.ed4

How to remove AIT.Acapulco.8.Gen?

AIT.Acapulco.8.Gen removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Apply “Move to quarantine” to all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.