How to remove “Generic.AIT.Miner.A.0B791FB2”?

Generic.AIT.Miner.A.0B791FB2 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Generic.AIT.Miner.A.0B791FB2 virus do?

  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Anomalous binary characteristics

How to identify Generic.AIT.Miner.A.0B791FB2?


File Info:

name: B2CB7CA15BDFE352B4BA.mlw
path: /opt/CAPEv2/storage/binaries/9ba3b5d0d9265572721c4e1506d2e117e13daea0e5aa8d9d07964833dddb72fe
crc32: E264FFCD
md5: b2cb7ca15bdfe352b4ba4dd6454bfbaf
sha1: b5c3ca34323cabe8cd4f97c1fb1e84397fcbdcf5
sha256: 9ba3b5d0d9265572721c4e1506d2e117e13daea0e5aa8d9d07964833dddb72fe
sha512: 00f9dd6f2e79131c58ba0cd956af9550070d0b1a98c22735d498413ce7af2735a805541a02fb7eaca4fe34a302f1d916f6164c80dda260d29920953c0c0cdafe
ssdeep: 196608:1CKjtWl5lTqTZU+Yu12MzWU7MFMcbjd1v1:MetWzhEZU+11yU7WMCrN
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1AE96231273A1D036FF9BA2738F26A5454A7D7D650233852F13A82C39BD70672273E762
sha3_384: 77a7f706901907e3fb6cc4f40ec9ef083bcc7b531d296802b6c4ece912ef8a1ab3efb283eecf711d9a99432a302a64b2
ep_bytes: e8c8d00000e97ffeffffcccccccccccc
timestamp: 2021-07-08 22:44:29

Version Info:

0: [No Data]

Generic.AIT.Miner.A.0B791FB2 also known as:

Elastic: malicious (high confidence)
MicroWorld-eScan: Generic.AIT.Miner.A.0B791FB2
FireEye: Generic.mg.b2cb7ca15bdfe352
CAT-QuickHeal: Trojan.AutoIt.MineDropper.C
ALYac: Generic.AIT.Miner.A.0B791FB2
Cybereason: malicious.15bdfe
Symantec: PUA.AutoItDropper
APEX: Malicious
Kaspersky: HEUR:Trojan.Script.Generic
BitDefender: Generic.AIT.Miner.A.0B791FB2
Avast: BV:CoinHelper-B [Miner]
Ad-Aware: Generic.AIT.Miner.A.0B791FB2
Emsisoft: Generic.AIT.Miner.A.0B791FB2 (B)
McAfee-GW-Edition: BehavesLike.Win32.Generic.tc
Sophos: Generic ML PUA (PUA)
Ikarus: Trojan-Dropper.Win32.Autoit
GData: Win32.Trojan.BSE.196N20V
Microsoft: TrojanDropper:AutoIt/Nymeria.AR!MTB
Cynet: Malicious (score: 100)
AhnLab-V3: Dropper/AU3.Miner.S1098
McAfee: Trojan-AitInject.as
MAX: malware (ai score=81)
VBA32: Trojan.Autoit.Wirus
Malwarebytes: Malware.AI.1886165987
Rising: Trojan.CoinMiner/Autoit!1.C937 (CLASSIC)
Fortinet: AutoIt/CoinMiner.TL!tr
BitDefenderTheta: AI:Packer.BC75735117
AVG: BV:CoinHelper-B [Miner]

How to remove Generic.AIT.Miner.A.0B791FB2?

Generic.AIT.Miner.A.0B791FB2 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
