
What is “Malware.AI.1402744813”?


Malware.AI.1402744813 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. The trial period allows you to run a complete scan and clean your PC.
A 6-day free trial is available.

What can the Malware.AI.1402744813 virus do?

  • Executable code extraction
  • Enumerates user accounts on the system
  • Creates RWX memory
  • A process attempted to delay the analysis task.
  • Drops a binary and executes it
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Creates an excessive number of UDP connection attempts to external IP addresses
  • Performs some HTTP requests
  • Unconventional language used in binary resources: Portuguese
  • Looks up the external IP address
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Exhibits behavior characteristic of Cerber ransomware
  • Creates or sets a registry key to a long series of bytes, possibly to store a binary or malware config
  • Mimics the file times of a Windows system file
  • Installs itself for autorun at Windows startup
  • Creates a hidden or system file
  • EternalBlue behavior
  • Attempts to identify installed AV products by installation directory
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Anomalous binary characteristics
  • Uses suspicious command line tools or Windows utilities

Related domains:

z.whorecord.xyz
a.tomx.xyz
ipinfo.io

How to identify Malware.AI.1402744813?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

eUp Software: FileDescription
eUp Product Registration Wizard: FileVersion
Comments: CompanyName
eUp Utilities 2014: ProductVersion
yright © AVG Netherlands B. V. 2011: LegalTrademarks
eUp Utilities™: ProductName
0.1000.340
Translation: 0x0407 0x04b0

Malware.AI.1402744813 also known as:

Bkav: W32.AIDetect.malware2
K7AntiVirus: Trojan ( 005224381 )
Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.4691
Cynet: Malicious (score: 100)
ALYac: Trojan.Ransom.Cerber.1
Cylance: Unsafe
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
K7GW: Trojan ( 005224381 )
Cybereason: malicious.0b89c1
Baidu: Win32.Trojan.Kryptik.ayf
Symantec: Packed.Generic.459
ESET-NOD32: a variant of Win32/Kryptik.FKVG
APEX: Malicious
Avast: Win32:Malware-gen
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Ransom.Cerber.1
NANO-Antivirus: Trojan.Win32.Encoder.evmsrm
MicroWorld-eScan: Trojan.Ransom.Cerber.1
Tencent: Win32.Trojan.Generic.Sudf
Ad-Aware: Trojan.Ransom.Cerber.1
Sophos: ML/PE-A + Mal/Ransom-EJ
Comodo: TrojWare.Win32.Kryptik.ERJ@6l0vie
BitDefenderTheta: AI:Packer.37FB53C820
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_HPCERBER.SM3
McAfee-GW-Edition: BehavesLike.Win32.Generic.fh
FireEye: Generic.mg.c0239160b89c1300
Emsisoft: Trojan.Ransom.Cerber.1 (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Generic.bstlr
Avira: HEUR/AGEN.1129194
Antiy-AVL: Trojan/Generic.ASMalwS.22DBEB5
Microsoft: Ransom:Win32/Avaddon.P!MSR
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Ransom.Cerber.1
AhnLab-V3: Win-Trojan/Cerber.Gen
Acronis: suspicious
McAfee: Trojan-FORL!C0239160B89C
MAX: malware (ai score=100)
VBA32: BScope.TrojanPSW.Papras
Malwarebytes: Malware.AI.1402744813
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_HPCERBER.SM3
Rising: Trojan.Kryptik!1.AE9C (CLASSIC)
Yandex: Trojan.GenAsa!ycf57DKmKpQ
Ikarus: Trojan.Win32.Krypt
MaxSecure: Trojan.Malware.300983.susgen
Fortinet: W32/Dridex.DD!tr
AVG: Win32:Malware-gen
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Cerber.HxQBEpsA

How to remove Malware.AI.1402744813?

Malware.AI.1402744813 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
