Malware.AI.1904694489 information

Malware.AI.1904694489 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1904694489 virus do?

  • Creates RWX memory
  • A process created a hidden window
  • Unconventional binary language: Chinese (Simplified)
  • Unconventional language used in binary resources: Chinese (Simplified)
  • Uses Windows utilities for basic functionality
  • Uses suspicious command line tools or Windows utilities

Related domains:

pic.baixiongz.com

How to identify Malware.AI.1904694489?


File Info:

crc32: 86242602
md5: c2e8cbcd0d5e67dd7bae05b242dbbf02
name: C2E8CBCD0D5E67DD7BAE05B242DBBF02.mlw
sha1: 8ff67aa200930bc5fbc4b5d4124637d452540751
sha256: fe446ed3fa191cfd64d7c02123eb2762091ac8ba353f3dffd98a0ec8d5a395ff
sha512: 867579912e3c45d6edd629d9bd94a58a28b104a6823bbb85dd5f1231a3948f781f061e7c0ca820609ee203f7a62a5dfccb2093a36a324f49aa3fbd14082d194c
ssdeep: 12288:T+LMdILv1mpNCMl5lj0tNxecqBVH0jwIA77xk:TYMSLwJ0tN8HvwA79k
type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

LegalCopyright: Copyright 2020 KuGou-Inc.All Rights Reserved
InternalName: KuGou
FileVersion: 9.1.32.23449
CompanyName: 酷狗音乐
ProductName: KuGou
ProductVersion: 9.1.32.23449
FileDescription: KuGou
OriginalFilename: KuGou.exe
Translation: 0x0804 0x04b0

Malware.AI.1904694489 is also known as:

Elastic: malicious (high confidence)
DrWeb: Trojan.DownLoader43.62774
Malwarebytes: Malware.AI.1904694489
CrowdStrike: win/malicious_confidence_70% (W)
Cybereason: malicious.200930
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.Agent.FMQ
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan.Win32.Zenpak.gen
BitDefenderTheta: Gen:NN.ZexaF.34266.Fq0@aGXCcgnj
McAfee-GW-Edition: GenericRXQI-HH!C2E8CBCD0D5E
FireEye: Generic.mg.c2e8cbcd0d5e67dd
Avira: TR/Dldr.Agent.onltj
Microsoft: Trojan:Win32/Sabsik.FL.B!ml
GData: Win32.Trojan.Agent.7LBZI6
AhnLab-V3: Trojan/Win.HH.R449867
McAfee: GenericRXQI-HH!C2E8CBCD0D5E
VBA32: BScope.Trojan.Agentb
Panda: Trj/GdSda.A
Ikarus: Trojan-Downloader.Win32.Agent
Fortinet: W32/Agent.FMQ!tr

How to remove Malware.AI.1904694489?

Malware.AI.1904694489 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.