
Malware.AI.1667731616 information


Malware.AI.1667731616 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1667731616 virus do?

  • Executable code extraction
  • Creates RWX memory
  • A process created a hidden window
  • Uses Windows utilities for basic functionality
  • Attempts to modify desktop wallpaper
  • Exhibits behavior characteristic of Cerber ransomware
  • Attempts to execute a binary from a dead or sinkholed URL
  • Writes a potential ransom message to disk
  • Attempts to modify proxy settings
  • Attempts to access Bitcoin/ALTCoin wallets
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.1667731616?


File Info:

crc32: D12DD345
md5: b028bf0ebb37e998388117a74d32f4df
name: B028BF0EBB37E998388117A74D32F4DF.mlw
sha1: 836fafc9a3d9abb9198423fa4b57aba7caf26256
sha256: 0e4e09a69737f77ac8cf18f6731f182cbd055cc569524488f55370962a3b4b12
sha512: bec6e22980a24fb8fe039e955b4f99fd2b2398587d9ef97eb633780661011e7b4fdaf1759ed1679b8765d431c6b3448a14b68dec4a2a64921b691da138bbb1ff
ssdeep: 6144:1+wpqonpCZDPqsTjmHLxs68CvbjLQNx2FBa7J6wrvaaVzhQ:JwonUlmtvbjQ+aA4vNdQ
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright (C) 2008-2010 ashampoo Technology GmbH Co. KG
InternalName: Cancel Autoplay 2
FileVersion: 2.0.0.0
CompanyName: Ashampoo
FileDescription: Cancel Autoplay 2
Translation: 0x0409 0x04b0

Malware.AI.1667731616 also known as:

Bkav: W32.AIDetect.malware1
K7AntiVirus: Trojan ( 005224381 )
Elastic: malicious (high confidence)
DrWeb: Trojan.Encoder.12203
Cynet: Malicious (score: 100)
ALYac: Trojan.Mint.Zamg.O
Cylance: Unsafe
Zillya: Trojan.Zerber.Win32.2877
Sangfor: Trojan.Win32.Save.a
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Ransom:Win32/generic.ali2000010
K7GW: Trojan ( 004f5c471 )
Cybereason: malicious.ebb37e
Cyren: W32/Cerber.HTLZ-0402
Symantec: Packed.Generic.459
ESET-NOD32: a variant of Win32/Kryptik.FUUE
APEX: Malicious
Avast: Win32:Filecoder-BG [Trj]
Kaspersky: HEUR:Trojan.Win32.Generic
BitDefender: Trojan.Mint.Zamg.O
NANO-Antivirus: Trojan.Win32.Zerber.epyxhh
MicroWorld-eScan: Trojan.Mint.Zamg.O
Tencent: Malware.Win32.Gencirc.10b20504
Ad-Aware: Trojan.Mint.Zamg.O
Sophos: ML/PE-A + Mal/Cerber-B
Comodo: TrojWare.Win32.Ransom.Troldesh.AG@75bllb
BitDefenderTheta: Gen:NN.ZexaF.34628.Aq0@audPWtji
VIPRE: Trojan.Win32.Generic!BT
TrendMicro: Ransom_HPCERBER.SMALY5A
McAfee-GW-Edition: BehavesLike.Win32.VirRansom.gh
FireEye: Generic.mg.b028bf0ebb37e998
Emsisoft: Trojan.Mint.Zamg.O (B)
SentinelOne: Static AI – Malicious PE
Jiangmin: Trojan.Zerber.cmr
Webroot: W32.Ransom.Gen
Avira: HEUR/AGEN.1106827
eGambit: Unsafe.AI_Score_99%
Microsoft: Ransom:Win32/Cerber.L!bit
Arcabit: Trojan.Mint.Zamg.O
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Mint.Zamg.O
TACHYON: Ransom/W32.Cerber.438272
AhnLab-V3: Win-Trojan/Cerber.Exp
Acronis: suspicious
McAfee: Ransomware-CBER!B028BF0EBB37
MAX: malware (ai score=85)
VBA32: BScope.Trojan-Ransom.Zerber
Malwarebytes: Malware.AI.1667731616
Panda: Trj/GdSda.A
TrendMicro-HouseCall: Ransom_HPCERBER.SMALY5A
Rising: Ransom.Agent!8.6B7 (CLOUD)
Yandex: Trojan.GenAsa!DbyjcLEIHT0
Ikarus: Trojan.Win32.Krypt
Fortinet: W32/Zamg.O!tr
AVG: Win32:Filecoder-BG [Trj]
Paloalto: generic.ml
Qihoo-360: Win32/Ransom.Filecoder.HxQB49sA

How to remove Malware.AI.1667731616?

Malware.AI.1667731616 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
