Malware.AI.1987234429 removal guide

The Malware.AI.1987234429 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.1987234429 virus can do?

SetUnhandledExceptionFilter detected (possible anti-debug)
Attempts to connect to a dead IP:Port (1 unique times)
Dynamic (imported) function loading detected
Authenticode signature is invalid

How to determine Malware.AI.1987234429?


File Info:
name: CCEE92CBEDBB20F20CC7.mlw
path: /opt/CAPEv2/storage/binaries/c92019be2677da427db3cdf9cea303cf188c3f460ecaef20400aa20d59247679
crc32: 03C6A708
md5: ccee92cbedbb20f20cc795f7492f0863
sha1: 084bf02023f1dc368469aa8322cff0d22cefd5d6
sha256: c92019be2677da427db3cdf9cea303cf188c3f460ecaef20400aa20d59247679
sha512: 9ca586762692101da4f6e2dc7395c787b9798066d72b16552d03c71177e8192fc30d29d8ae3aadae695f2c24c87449f21ddd07f2cda8059bc53a0f2fad7d2a9c
ssdeep: 1536:ZhwU/MDgewQgymnSvWGlrY5UjZnPCqqVkcFUJF:Z+U/Ms9QuSOGntnPwKcFUJF
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T130734A61F5908AAFFC71407214EFAF3682B6FD145B2A1DD762A8B60768722D15B313C3
sha3_384: f811c7b368751b1553f9af04b0c9fc30ea4aa6ccdedfa22e0488fb07de7740f7d852616a72eb8d3539deb732e9e8b5c5
ep_bytes: e83bfcffff6a00ff15c8e04000cccccc
timestamp: 2012-03-25 18:11:37

Version Info:
CompanyName: Microsoft
FileDescription: Audio server
FileVersion: 1.0.0.1
InternalName: audio.exe
LegalCopyright: Copyright (C) 2022
OriginalFilename: audio.exe
ProductName: Audio Server
ProductVersion: 1.0.0.1
Translation: 0x0400 0x04b0

Malware.AI.1987234429 also known as:

Lionic	Trojan.Win32.Injector.b!c
Elastic	malicious (moderate confidence)
MicroWorld-eScan	Trojan.GenericKD.50379464
FireEye	Trojan.GenericKD.50379464
McAfee	GenericRXTF-ZZ!CCEE92CBEDBB
Sangfor	Trojan.Win32.GenericML.xnet
CrowdStrike	win/malicious_confidence_60% (W)
ESET-NOD32	a variant of Win32/Agent.ADYK
APEX	Malicious
Kaspersky	UDS:Trojan.Multi.GenericML.xnet
BitDefender	Trojan.GenericKD.50379464
ViRobot	Trojan.Win32.Z.Injector.77312.A
Avast	Win32:DropperX-gen [Drp]
Ad-Aware	Trojan.GenericKD.50379464
TrendMicro	TROJ_GEN.R002C0WF822
McAfee-GW-Edition	BehavesLike.Win32.BadFile.lh
Emsisoft	Trojan.GenericKD.50379464 (B)
GData	Trojan.GenericKD.50379464
Jiangmin	Trojan.Multi.kyq
Arcabit	Trojan.Generic.D300BAC8
Cynet	Malicious (score: 100)
AhnLab-V3	Dropper/Win.Generic.R496655
BitDefenderTheta	Gen:NN.ZexaF.34712.eq0@aqsYgBei
ALYac	Trojan.GenericKD.50379464
MAX	malware (ai score=84)
VBA32	BScope.Trojan.Wacatac
Malwarebytes	Malware.AI.1987234429
TrendMicro-HouseCall	TROJ_GEN.R002C0WF822
Rising	Backdoor.Convagent!8.123DC (CLOUD)
MaxSecure	Trojan.Malware.300983.susgen
Fortinet	W32/PossibleThreat
AVG	Win32:DropperX-gen [Drp]

How to remove Malware.AI.1987234429?

Malware.AI.1987234429 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X