About “Malware.AI.1985961552” infection

Malware Removal

Malware.AI.1985961552 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a full scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.1985961552 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Sample contains Overlay data
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • Drops a binary and executes it
  • Authenticode signature is invalid
  • Attempts to identify installed AV products by installation directory
  • Attempts to identify installed AV products by registry key
  • Detects Bochs through the presence of a registry key
  • Collects information to fingerprint the system
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.1985961552?

File Info:

name: D267723AFE63C4D6CD4F.mlw
path: /opt/CAPEv2/storage/binaries/e479406f4e1093ff89a8bdc7af904422feb44477ef2c9fc294f53f2aa441c0c0
crc32: CCC2C14C
md5: d267723afe63c4d6cd4f6956b9d0bc64
sha1: 6b6f3e21a8809065be5ca008703bd5c03f554330
sha256: e479406f4e1093ff89a8bdc7af904422feb44477ef2c9fc294f53f2aa441c0c0
sha512: 26f868fbf1fddb3a534977bada1c85532268086f3cd4edc32f82800b9ffde78b385760315e5586c5000a4bfc456637911c516c601f6f874e1e028fcfbb213aef
ssdeep: 98304:xLhtOPxOG3/tx3O7cHZEACzxtMkc8pRFQC3f7yNnWjfJ6Dhwj1nUN9U3KRm7O0:xPqDLt5EAavc8pnf7/jxAmeh0
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T17E3633FA9E1D2515EAA2CD7A1C763EEB85C38E4D1C161ABB4724397E0D37334116A123
sha3_384: c634dee058ff6abc036f0257d4380f346fd0213782c63c674bc5e342167e76050c3ab5073bedad464a88584b19afe569
ep_bytes: 81ecd40200005356576a205f33db6801
timestamp: 2021-07-24 22:19:26

Version Info:

0: [No Data]

Malware.AI.1985961552 is also known as (vendor: detection name):

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Masloa.a!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Doina.64798
FireEye: Generic.mg.d267723afe63c4d6
CAT-QuickHeal: Trojan.Agent
Skyhigh: BehavesLike.Win32.Suspicious.rc
McAfee: Artemis!D267723AFE63
Malwarebytes: Malware.AI.1985961552
Zillya: Trojan.Masloa.Win32.3
Sangfor: Downloader.Msil.Agent.Vso4
CrowdStrike: win/malicious_confidence_90% (W)
Arcabit: Trojan.Doina.DFD1E
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: multiple detections
APEX: Malicious
Cynet: Malicious (score: 100)
Kaspersky: HEUR:Trojan-Downloader.MSIL.Masloa.gen
BitDefender: Gen:Variant.Doina.64798
Avast: NSIS:PWSX-gen [Trj]
Rising: Trojan.HiddenRun/NSIS!1.E740 (CLASSIC)
Sophos: Mal/Generic-S
F-Secure: Heuristic.HEUR/AGEN.1338885
DrWeb: Adware.Downware.19998
VIPRE: Gen:Variant.Doina.64798
TrendMicro: PUA.Win32.WebCompanion.DA
Emsisoft: Gen:Variant.Doina.64798 (B)
Ikarus: Trojan.SuspectCRC
Google: Detected
Avira: HEUR/AGEN.1338885
Antiy-AVL: GrayWare/Win32.uTorrent
Xcitium: ApplicUnwnt@#16vlo195m62l7
Microsoft: Program:Win32/Wacapew.C!ml
ZoneAlarm: HEUR:Trojan-Downloader.MSIL.Masloa.gen
GData: Win32.Application.Agent.KYL493
Varist: W32/MSIL_Adaware.A.gen!Eldorado
AhnLab-V3: Dropper/Win.MulDrop.R439720
VBA32: TrojanDownloader.MSIL.Masloa
ALYac: Gen:Variant.Doina.64798
MAX: malware (ai score=81)
Cylance: unsafe
Panda: Trj/CI.A
TrendMicro-HouseCall: PUA.Win32.WebCompanion.DA
Tencent: Msil.Trojan-Downloader.Masloa.Qsmw
SentinelOne: Static AI – Suspicious PE
Fortinet: PossibleThreat.PALLAS.H
BitDefenderTheta: Gen:NN.ZemsilF.36792.dm0@aSP2LGn
AVG: NSIS:PWSX-gen [Trj]
DeepInstinct: MALICIOUS

How to remove Malware.AI.1985961552?

Malware.AI.1985961552 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.