Malware.AI.114922372 removal guide

Malware.AI.114922372 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.114922372 virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Behavioural detection: Executable code extraction – unpacking
  • Creates RWX memory
  • Guard pages use detected – possible anti-debugging.
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Authenticode signature is invalid
  • Collects and encrypts information about the computer likely to send to C2 server
  • Checks the CPU name from registry, possibly for anti-virtualization
  • Attempts to interact with an Alternate Data Stream (ADS)

How to identify Malware.AI.114922372?

File Info:

name: C79CA123575D77393C11.mlw
path: /opt/CAPEv2/storage/binaries/f03606bc592df0c7632142c303280bb755c62c393969fcde66ad63a5c8f2ef21
crc32: 3BD0C666
md5: c79ca123575d77393c112d654825eb9f
sha1: e002806fce05ee7dcdf2c5b3cb5c970891539924
sha256: f03606bc592df0c7632142c303280bb755c62c393969fcde66ad63a5c8f2ef21
sha512: 7ef81f8c078421b82bf7e2eefb4d770eb074a07001d435fe89e9f6f550d0973cfe1965347de7eb4acbd522bbb52fd01160f224d83cf54386ccc263a08771ddae
ssdeep: 6144:ToB4hzqyqs0MNodzI/vUfQxZbAKnhsxLp3M/+jQ20VKpatw8ztyR19bnfaFOXcD:ToBQBeI/vOUZb2pLQ20cH7nXXC
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1BC942A003BDB1F84C9DD09BAE8F50844D3F8DCAB0B92F35F798A14B83974369D899656
sha3_384: d6ac29b4e6e58e2ed693d149c52f52fb4d38e187a73cfacda08c29cf73c77feeef58affa1b3e7422d131c51111f1706a
ep_bytes: ff2500204000f3d69d8c000000000000
timestamp: 2017-12-30 12:04:10

Version Info:

Translation: 0x0000 0x04b0
Comments:
CompanyName: Activision Blizzard
FileDescription: Battle NET lancher
FileVersion: 5.1.1.9
InternalName: launcher.exe
LegalCopyright: Copyright Blizzard © 2016
LegalTrademarks:
OriginalFilename: launcher.exe
ProductName: launcher
ProductVersion: 5.1.1.9
Assembly Version: 5.1.1.9

Malware.AI.114922372 is also known as (vendor: detection name):

Lionic: Trojan.MSIL.Generic.4!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Adware.GenericKD.47559766
FireEye: Generic.mg.c79ca123575d7739
CAT-QuickHeal: Trojan.MSIL
ALYac: Adware.GenericKD.47559766
Cylance: Unsafe
K7AntiVirus: Riskware ( 0050b1e11 )
Alibaba: Trojan:MSIL/MalwareX.f0986ccc
K7GW: Riskware ( 0050b1e11 )
CrowdStrike: win/malicious_confidence_70% (D)
BitDefenderTheta: Gen:NN.ZemsilF.34084.Bm0@aiG1ctf
Cyren: W32/MSIL_Agent.CLL.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of MSIL/Riskware.GameHack.Z
TrendMicro-HouseCall: TROJ_GEN.R002C0PL321
Paloalto: generic.ml
Kaspersky: HEUR:Trojan.MSIL.Generic
BitDefender: Adware.GenericKD.47559766
Avast: Win32:MalwareX-gen [Trj]
Tencent: Malware.Win32.Gencirc.114949fa
Ad-Aware: Adware.GenericKD.47559766
Emsisoft: Adware.GenericKD.47559766 (B)
Comodo: Application.MSIL.GameHack.Z@7kilc4
TrendMicro: TROJ_GEN.R002C0PL321
McAfee-GW-Edition: BehavesLike.Win32.Generic.gh
Sophos: Mal/Generic-S
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.MSIL.akcpf
Avira: TR/Dropper.Gen7
MAX: malware (ai score=68)
Antiy-AVL: Trojan/Generic.ASMalwS.23DB3B5
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
Arcabit: Adware.Generic.D2D5B456
ViRobot: Trojan.Win32.Z.Gamehack.448512.A
GData: MSIL.Trojan.Agent.AFT
Cynet: Malicious (score: 99)
AhnLab-V3: Unwanted/Win32.GameHack.R215215
Acronis: suspicious
McAfee: GenericRXCU-UA!C79CA123575D
VBA32: TScope.Trojan.MSIL
Malwarebytes: Malware.AI.114922372
APEX: Malicious
Ikarus: PUA.MSIL.Riskware
eGambit: Unsafe.AI_Score_99%
Fortinet: MSIL/Agent.SHR!tr
AVG: Win32:MalwareX-gen [Trj]
Cybereason: malicious.fce05e
Panda: Trj/GdSda.A
MaxSecure: Trojan.Malware.300983.susgen

How to remove Malware.AI.114922372?

Malware.AI.114922372 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select the proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
