
Malware.AI.1999989424 removal tips


Malware.AI.1999989424 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It lets you run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.1999989424 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Creates RWX memory
  • Possible date expiration check, exits too soon after checking local time
  • Dynamic (imported) function loading detected
  • Reads data out of its own binary image
  • A process created a hidden window
  • CAPE extracted potentially suspicious content
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities for basic functionality
  • Deletes its original binary from disk
  • Behavioural detection: Injection (inter-process)
  • Created a process from a suspicious location
  • CAPE detected the Formbook malware family
  • Uses suspicious command line tools or Windows utilities

How to identify Malware.AI.1999989424?


File Info:

name: 5057EAB35EF405B45DAD.mlw
path: /opt/CAPEv2/storage/binaries/a3e3f646a70e450ebe0741b5955f243b3cf255edb30a7d084f11d84a9695baf1
type: PE32 executable (GUI) Intel 80386, for MS Windows
ep_bytes: 81ec8001000053555633db57895c2418
timestamp: 2008-10-10 21:48:57

Version Info:

0: [No Data]

Malware.AI.1999989424 also known as:

Lionic: Trojan.Win32.Generic.4!c
Elastic: malicious (high confidence)
DrWeb: Trojan.Siggen16.40157
MicroWorld-eScan: Trojan.GenericKD.38922880
FireEye: Trojan.GenericKD.38922880
CAT-QuickHeal: Trojan.Spynoon.S26712849
McAfee: Artemis!5057EAB35EF4
Cylance: Unsafe
Zillya: Trojan.Generic.Win32.1642991
Sangfor: Trojan.Win32.Generic.ky
CrowdStrike: win/malicious_confidence_100% (W)
Alibaba: Trojan:Win32/SpyNoon.9e2a0be8
K7GW: Trojan ( 0058e1d21 )
K7AntiVirus: Trojan ( 0058e1d21 )
Cyren: W32/Injector.AUE.gen!Eldorado
ESET-NOD32: a variant of Win32/Injector.ERBO
TrendMicro-HouseCall: TROJ_FRS.0NA103B922
Paloalto: generic.ml
Kaspersky: UDS:Trojan.Win32.Generic
BitDefender: Trojan.GenericKD.38922880
NANO-Antivirus: Trojan.Win32.Inject4.jmqcmf
Avast: Win32:PWSX-gen [Trj]
Tencent: Win32.Trojan.Generic.Ssqp
Ad-Aware: Trojan.GenericKD.38922880
Sophos: Mal/Generic-S
Comodo: Malware@#1kgwtk1d5k4in
TrendMicro: TROJ_FRS.0NA103B922
McAfee-GW-Edition: BehavesLike.Win32.Dropper.gc
Emsisoft: Trojan.GenericKD.38922880 (B)
SentinelOne: Static AI – Suspicious PE
GData: Trojan.GenericKD.38922880
Jiangmin: Trojan.Generic.hfeia
Webroot: W32.Trojan.Risis.1
Avira: TR/AD.Swotter.gouud
MAX: malware (ai score=86)
Kingsoft: Win32.Troj.Undef.(kcloud)
Gridinsoft: Ransom.Win32.Sabsik.sa
Microsoft: Trojan:Win32/Skeeyah.A!rfn
Cynet: Malicious (score: 100)
AhnLab-V3: Trojan/Win.ObfusInjector.C4960407
ALYac: Trojan.Agent.FormBook
Malwarebytes: Malware.AI.1999989424
APEX: Malicious
Rising: Trojan.Spynoon!8.11885 (CLOUD)
Yandex: Trojan.Igent.bXwrSZ.3
Ikarus: Trojan.Win32.Injector
Fortinet: W32/Injector.ERAJ!tr
AVG: Win32:PWSX-gen [Trj]
Cybereason: malicious.35ef40
Panda: Trj/CI.A
MaxSecure: Trojan.Malware.300983.susgen

How to remove Malware.AI.1999989424?

Malware.AI.1999989424 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
