Malware

Malware.AI.1902002372 removal instruction

Malware Removal

The Malware.AI.1902002372 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware - Review 2020

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend to use GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the TRIAL period.
6-day free trial available.

What Malware.AI.1902002372 virus can do?

  • Executable code extraction
  • Creates RWX memory
  • Reads data out of its own binary image
  • HTTP traffic contains suspicious features which may be indicative of malware related traffic
  • Performs some HTTP requests
  • Anomalous binary characteristics

Related domains:

z.whorecord.xyz
a.tomx.xyz
jddrtj.duckdns.org

How to determine Malware.AI.1902002372?


File Info:

crc32: 58F0377D
md5: 3879135e5f36363ec7d045b35504fe99
name: 3879135E5F36363EC7D045B35504FE99.mlw
sha1: 3ab007c777a89710254f78d274582dda0da0c05c
sha256: f8f7657be5d87739aa99f22ca5df47a45321657f9cc93a2b8da5aab742928d4c
sha512: 6868d2f81f495a851368f5f92c8f7d9be63bb9eec5d3e6b59ce0317f79bb3ec9570fa5cbf4b007611410037da0132b62c289562d2e8c09485000af05fb5887b9
ssdeep: 1536:n9HG7OyFpVruj8Ljd2F39XgOyTF2HMB3:no7nu939XgSMB3
type: PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows

Version Info:

Translation: 0x0000 0x04b0
LegalCopyright:
Assembly Version: 1.5.0.0
InternalName: seffsDOS.exe
FileVersion: 5.5.0.0
ProductName: Windows
ProductVersion: 5.5.0.0
FileDescription: Windows
OriginalFilename: seffsDOS.exe

Malware.AI.1902002372 also known as:

K7AntiVirusTrojan ( 0051811b1 )
LionicTrojan.MSIL.Generic.a!c
DrWebTrojan.ClipBankerNET.5
CAT-QuickHealTrojan.MFC.S17874230
ALYacGen:Variant.MSILPerseus.126393
MalwarebytesMalware.AI.1902002372
ZillyaTrojan.ClipBanker.Win32.377
SangforTrojan.Win32.Save.a
CrowdStrikewin/malicious_confidence_80% (D)
AlibabaTrojanDownloader:MSIL/ClipBanker.8bf391fe
K7GWTrojan ( 0051811b1 )
Cybereasonmalicious.e5f363
SymantecTrojan.Gen.MBT
ESET-NOD32a variant of MSIL/ClipBanker.DG
APEXMalicious
AvastFileRepMalware
CynetMalicious (score: 99)
KasperskyHEUR:Trojan-Downloader.MSIL.Generic
BitDefenderGen:Variant.MSILPerseus.126393
NANO-AntivirusTrojan.Win32.ClipBanker.etdhow
MicroWorld-eScanGen:Variant.MSILPerseus.126393
Ad-AwareGen:Variant.MSILPerseus.126393
ComodoMalware@#3aeded1s2dsra
BitDefenderThetaGen:NN.ZemsilF.34142.eq0@amXS5im
VIPRETrojan.Win32.Generic!BT
McAfee-GW-EditionGenericRXCX-ND!3879135E5F36
FireEyeGeneric.mg.3879135e5f36363e
EmsisoftGen:Variant.MSILPerseus.126393 (B)
SentinelOneStatic AI – Malicious PE
JiangminTrojanDownloader.MSIL.pix
AviraHEUR/AGEN.1103993
eGambitUnsafe.AI_Score_70%
Antiy-AVLTrojan/Generic.ASMalwS.223191E
MicrosoftTrojan:Win32/Dynamer!rfn
GDataGen:Variant.MSILPerseus.126393
AhnLab-V3Trojan/Win32.Dynamer.R217382
McAfeeGenericRXCX-ND!3879135E5F36
MAXmalware (ai score=99)
VBA32TScope.Trojan.MSIL
PandaTrj/GdSda.A
YandexTrojan.ClipBanker!3Ma7xQVg7eU
IkarusTrojan.MSIL.ClipBanker
FortinetMSIL/ClipBanker.DG!tr
AVGFileRepMalware
Paloaltogeneric.ml

How to remove Malware.AI.1902002372?

Malware.AI.1902002372 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan“.
  • Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings“.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment