Malware.AI.1969387268 removal guide

Malware.AI.1969387268 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1969387268 virus do?

  • Executable code extraction
  • Attempts to connect to a dead IP:Port (1 unique times)
  • Creates RWX memory
  • A process created a hidden window
  • Creates an excessive number of UDP connection attempts to external IP addresses
  • Performs some HTTP requests
  • The binary likely contains encrypted or compressed data.
  • Uses Windows utilities for basic functionality
  • Attempts to modify desktop wallpaper
  • Attempts to execute a binary from a dead or sinkholed URL
  • Writes a potential ransom message to disk
  • EternalBlue behavior
  • Attempts to modify proxy settings
  • Attempts to access Bitcoin/ALTCoin wallets
  • Generates some ICMP traffic
  • Collects information to fingerprint the system
  • Uses suspicious command line tools or Windows utilities

Related domains:

api.blockcypher.com
qfjhpgbefuhenjp7.1bxzyr.top

How to identify Malware.AI.1969387268?

File Info:

type: PE32 executable (GUI) Intel 80386, for MS Windows

Version Info:

0: [No Data]

Malware.AI.1969387268 also known as:

Bkav: W32.AIDetect.malware1
Elastic: malicious (high confidence)
MicroWorld-eScan: Trojan.Ransom.Cerber.YT
FireEye: Generic.mg.3d47a944e599b7d4
CAT-QuickHeal: Ransom.Cerber.A4
McAfee: Ransomware-GDA!3D47A944E599
Cylance: Unsafe
VIPRE: Trojan.Win32.Generic!BT
AegisLab: Trojan.Win32.Zerber.j!c
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Trojan ( 00511a291 )
BitDefender: Trojan.Ransom.Cerber.YT
K7GW: Trojan ( 00511a291 )
Cybereason: malicious.4e599b
Cyren: W32/Ransom.FW.gen!Eldorado
Symantec: Packed.Generic.493
APEX: Malicious
Avast: Win32:CrypterX-gen [Trj]
ClamAV: Win.Ransomware.Zusy-6956995-0
Kaspersky: HEUR:Trojan.Win32.Generic
NANO-Antivirus: Trojan.Win32.Encoder.ercnmk
ViRobot: Trojan.Win32.Cerber.245760.J
Rising: Ransom.Cerber!8.3058 (RDMK:cmRtazq7zWp/g+A4+BEWuCprB77+)
Ad-Aware: Trojan.Ransom.Cerber.YT
TACHYON: Ransom/W32.Cerber.245760.T
Emsisoft: Trojan.Ransom.Cerber.YT (B)
Comodo: TrojWare.Win32.Dynamer.FUS@779df7
F-Secure: Heuristic.HEUR/AGEN.1109523
DrWeb: Trojan.Encoder.4691
Zillya: Trojan.Zerber.Win32.3371
TrendMicro: Ransom_CERBER.SM3B
McAfee-GW-Edition: BehavesLike.Win32.Worm.dc
Sophos: ML/PE-A + Mal/Elenoocka-E
Ikarus: Trojan.Win32.Filecoder
Jiangmin: Trojan.Zerber.cwp
Avira: HEUR/AGEN.1109523
Antiy-AVL: Trojan[Ransom]/Win32.Zerber
Microsoft: Ransom:Win32/Cerber
Arcabit: Trojan.Ransom.Cerber.YT
ZoneAlarm: HEUR:Trojan.Win32.Generic
GData: Trojan.Ransom.Cerber.YT
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win32.Cerber.R204660
Acronis: suspicious
BitDefenderTheta: Gen:NN.ZexaF.34590.puW@ai6xtihi
ALYac: Trojan.Ransom.Cerber.YT
MAX: malware (ai score=85)
VBA32: Hoax.Zerber
Malwarebytes: Malware.AI.1969387268
Panda: Trj/Genetic.gen
ESET-NOD32: a variant of Win32/Kryptik.FUQV
TrendMicro-HouseCall: Ransom_CERBER.SM3B
Tencent: Malware.Win32.Gencirc.10b388fb
Yandex: Trojan.GenAsa!goeXQFN9XSI
SentinelOne: Static AI – Malicious PE
eGambit: Unsafe.AI_Score_94%
Fortinet: W32/GenKryptik.APXF!tr
AVG: Win32:CrypterX-gen [Trj]
Paloalto: generic.ml
CrowdStrike: win/malicious_confidence_100% (D)
Qihoo-360: Win32/Trojan.Ransom.5cb

How to remove Malware.AI.1969387268?

Malware.AI.1969387268 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
