Malware.AI.1660926653 information

Malware.AI.1660926653 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1660926653 virus do?

  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • Behavioural detection: Injection (Process Hollowing)
  • Executed a process and injected code into it, probably while unpacking
  • Behavioural detection: Injection (inter-process)

How to identify Malware.AI.1660926653?

File Info:

name: B04CC8FBC5D392B00ED3.mlw
path: /opt/CAPEv2/storage/binaries/797cf348597c7fe60bb011bc17acea9ffd15a5f304f932a9c2015f9de6dcfc9b
crc32: 7B141DEA
md5: b04cc8fbc5d392b00ed39e6610535bc0
sha1: 5b7f83600c89c8a03e5ffb2f21ac95e737fc2a1f
sha256: 797cf348597c7fe60bb011bc17acea9ffd15a5f304f932a9c2015f9de6dcfc9b
sha512: 2e2bc9f91b772fcc85b0f367c398701916a2b1b30ca9dc569cf896fa53606d0f18294af3a5f678b3c8ddf54ea269d05d6a38a55431e49d3f6b4f376c0fc906eb
ssdeep: 6144:icbxzIslIYryF9OqT8ygIccPdNE2Twt+AInwoa0Gpy9rP8XOCeZt:i4is2YrgwqYyg8dKQk+AIwoDGo94XOr
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T19E541210A7288459F628D0FD4B178979D8EDFE731914B2CE6AB63F9E0934FA141321D7
sha3_384: 33334ffd419469b58ad01c64d7bfe605c37248596675cacf8f9527b965dd337d83665fda38408af743c355c06a3b322b
ep_bytes: 6a00ff15e02040008b44240c85c07516
timestamp: 2014-01-29 05:50:19

Version Info:

FileDescription: Mandisy
FileVersion: 1.7.7.9
InternalName: Mandisy
LegalCopyright: Copyright © 1999-2014
ProductVersion: 1.7.7.9
Translation: 0x0409 0x04b0

Malware.AI.1660926653 is also known as (vendor: detection name):

Bkav: W32.AIDetect.malware2
Elastic: malicious (high confidence)
FireEye: Generic.mg.b04cc8fbc5d392b0
McAfee: PWSZbot-FQM!B04CC8FBC5D3
Cylance: Unsafe
Sangfor: Trojan.Win32.Generic.8
K7AntiVirus: Spyware ( 004b8cd91 )
Alibaba: TrojanPSW:Win32/Injector.d601305d
K7GW: Spyware ( 004b8cd91 )
CrowdStrike: win/malicious_confidence_100% (W)
VirIT: Trojan.Win32.Generic.ZJD
Cyren: W32/A-29c0bdbe!Eldorado
Symantec: Infostealer
ESET-NOD32: a variant of Win32/Injector.V
APEX: Malicious
Paloalto: generic.ml
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Gen:Trojan.ProcessHijack.rq0@aCgkm!m
NANO-Antivirus: Trojan.Win32.Zbot.csybyc
SUPERAntiSpyware: Trojan.Agent/Gen-Rogue
MicroWorld-eScan: Gen:Trojan.ProcessHijack.rq0@aCgkm!m
Avast: Win32:Trojan-gen
Tencent: Malware.Win32.Gencirc.10b583da
Ad-Aware: Gen:Trojan.ProcessHijack.rq0@aCgkm!m
Sophos: Mal/Generic-R + Troj/Agent-AFSL
Comodo: TrojWare.Win32.Injector.AWME@57nlgo
DrWeb: Trojan.PWS.Panda.5676
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: TSPY_ZBOT.SMAA7
McAfee-GW-Edition: BehavesLike.Win32.Emotet.dc
Emsisoft: Gen:Trojan.ProcessHijack.rq0@aCgkm!m (B)
GData: Gen:Trojan.ProcessHijack.rq0@aCgkm!m
Jiangmin: TrojanSpy.Zbot.ebhy
Avira: TR/Agent.abxa.48
MAX: malware (ai score=100)
Antiy-AVL: Trojan[Spy]/Win32.Zbot
Gridinsoft: Ransom.Win32.Zbot.sa
Arcabit: Trojan.ProcessHijack.E9B234
ZoneAlarm: HEUR:Trojan.Win32.Generic
Microsoft: PWS:Win32/Zbot.AJB
AhnLab-V3: Spyware/Win32.Zbot.R96444
BitDefenderTheta: Gen:NN.ZexaF.34232.rq0@aCgkm!m
ALYac: Gen:Trojan.ProcessHijack.rq0@aCgkm!m
VBA32: TrojanSpy.Zbot
Malwarebytes: Malware.AI.1660926653
TrendMicro-HouseCall: TSPY_ZBOT.SMAA7
Rising: Trojan.Injector!8.C4 (CLOUD)
Yandex: Trojan.GenAsa!CkBDokVlB48
Ikarus: Virus.Win32.Zbot
eGambit: Generic.Malware
Fortinet: W32/Injector.PDA!tr
AVG: Win32:Trojan-gen
Cybereason: malicious.bc5d39
Panda: Trj/Genetic.gen
MaxSecure: Trojan.Malware.300983.susgen

How to remove Malware.AI.1660926653?

Malware.AI.1660926653 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Select “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.