Malware.AI.2002079514 malicious file

Malware.AI.2002079514 is the Malwarebytes detection name for this file; most of the other engines listed further down classify it as an IRC bot of the Sdbot/Rbot family. While the infection is active, you may notice unfamiliar processes in the Task Manager list. In that case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually can take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal; the trial lets you run a full scan and clean the PC.
A 6-day free trial is available.

What can Malware.AI.2002079514 do?

The following behaviours were recorded during sandbox analysis of the sample:

  • Drops a binary and executes it
  • The binary contains an unknown PE section name, which is indicative of packing
  • The Authenticode signature is invalid: the file cannot be traced to a verified publisher
  • Attempts to modify proxy settings
  • Creates a copy of itself
  • Deletes executed files from disk (an anti-forensic step once the dropped stage has run)
  • YARA rule matches observed on a process memory dump, dropped files, or CAPE-extracted payloads
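Two of the indicators above can be checked statically without a sandbox. The script below is an added example, not code from this page or from CAPE: it parses the PE section table and flags names outside a working list of compiler-emitted section names (the list is the editor's own, not an official one), decodes the COFF timestamp, and decodes the entry-point bytes reported in the File Info section, which on this sample are a chain of `E9 rel32` (jmp rel32) instructions rather than a conventional prologue. The PE header it parses is constructed in memory so the example runs offline; the section name "UPX1" in that constructed header is just a packer-style name chosen for the demonstration and is not a claim about this sample.

```python
"""Static PE triage (added example): section-name check, COFF timestamp,
and entry-point jmp-chain decoding."""
import struct
from datetime import datetime, timezone

# Section names commonly emitted by mainstream compilers/linkers.  This is
# the editor's working list, not a standard; anything outside it deserves a
# second look because packers and protectors typically use their own names.
KNOWN_SECTIONS = {b".text", b".data", b".rdata", b".idata", b".edata",
                  b".rsrc", b".reloc", b".bss", b".tls", b".pdata", b".CRT",
                  b".didat", b".ndata"}

def parse_pe_sections(pe: bytes) -> dict:
    """Return machine type, COFF timestamp and section names of a PE image."""
    if pe[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("PE signature missing")
    coff = e_lfanew + 4
    (machine, nsections, tstamp, _symtab, _nsyms,
     opt_size, _chars) = struct.unpack_from("<HHIIIHH", pe, coff)
    sect_table = coff + 20 + opt_size          # section headers follow the optional header
    names = []
    for i in range(nsections):
        raw = pe[sect_table + 40 * i: sect_table + 40 * i + 8]   # 40-byte header, 8-byte name
        names.append(raw.rstrip(b"\0"))
    return {
        "machine": machine,
        "timestamp": datetime.fromtimestamp(tstamp, tz=timezone.utc),
        "sections": names,
        "unknown_sections": [n for n in names if n not in KNOWN_SECTIONS],
    }

def decode_jmp_chain(ep_bytes: bytes) -> list:
    """Decode consecutive `E9 rel32` (jmp rel32) instructions at the entry point.
    Returns (instruction offset, target offset relative to the entry point)
    pairs and stops at the first byte that does not start a complete jmp."""
    targets = []
    off = 0
    while off + 5 <= len(ep_bytes) and ep_bytes[off] == 0xE9:
        rel = struct.unpack_from("<i", ep_bytes, off + 1)[0]
        targets.append((off, off + 5 + rel))   # target = address of next insn + rel32
        off += 5
    return targets

def build_demo_pe(section_names, timestamp) -> bytes:
    """Construct a minimal, non-runnable PE32 header for exercising the parser."""
    e_lfanew = 0x80
    dos = bytearray(e_lfanew)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, e_lfanew)
    opt = bytes(224)                            # PE32 optional header size
    coff = struct.pack("<HHIIIHH", 0x14C, len(section_names), timestamp,
                       0, 0, len(opt), 0x0102)  # 0x14C = Intel 386
    sections = b"".join(name.ljust(8, b"\0") + bytes(32) for name in section_names)
    return bytes(dos) + b"PE\0\0" + coff + opt + sections

if __name__ == "__main__":
    # Constructed demo header: two standard sections plus a packer-style name.
    # 1611535759 is 2021-01-25 00:49:19 UTC, the timestamp shown in File Info.
    demo = build_demo_pe([b".text", b".rdata", b"UPX1"], 1611535759)
    info = parse_pe_sections(demo)
    print(info["timestamp"], info["sections"], info["unknown_sections"])
    # ep_bytes exactly as reported on this page.
    for off, tgt in decode_jmp_chain(bytes.fromhex("e986ac0300e95bbf0000e9162e0100e9")):
        print(f"jmp at entry+{off:#x} -> entry+{tgt:#x}")
```

Run against the page's own ep_bytes, the decoder yields three complete jumps (to entry+0x3ac8b, entry+0xbf65 and entry+0x12e25) followed by the opcode of a fourth that is cut off by the 16-byte sample; an entry point made of unconditional jumps rather than a normal prologue is consistent with the packing indicator CAPE raised. To triage a real file, pass the bytes of the file to parse_pe_sections and the first bytes at its entry point to decode_jmp_chain.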

How to identify Malware.AI.2002079514?

The identifiers below come from a CAPE sandbox run (note the CAPEv2 storage path). The cryptographic hashes match only this exact file; a repacked or recompiled variant will have different values, which is what the fuzzy hashes (ssdeep, tlsh) and the behaviour list above are for.

File Info:

name: DC3D6BE0901EA8D48065.mlw
path: /opt/CAPEv2/storage/binaries/74acd05c1c99eb7d3ecc362652e642448f7d09fbdc76633c5fc529dd940bcc4f
crc32: 2147C19A
md5: dc3d6be0901ea8d480657f98a8389ce5
sha1: 88f9ca6eaffcaff5f53d86622fae669833bc57fc
sha256: 74acd05c1c99eb7d3ecc362652e642448f7d09fbdc76633c5fc529dd940bcc4f
sha512: 7ec29f801de2d6058d07c7e4f777eec77d845f4760ee97942a85663433f5faaf4a02be744b4531be52554b09eff878afaf55d1798ee9832e7d8bba1a566a34ee
ssdeep: 6144:zQSXh4BLc/UbwMXkS0Tlt+Eg5Cl7jPQiZIXOp7r0z7X+PDWd/:zQSicoATltZg5ePPQiZIGkn+L
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T1E3943C11D6018375E9E300B78EFF2A2E991CE771134924D7E6C87C4A9F55AE23A352CB
sha3_384: ab12b652f921c7c888a868bb9ae37f12e50e52a22d020876a18a59d7bf1c1015c5e12780d4bf7d0614cd91f7665786df
ep_bytes: e986ac0300e95bbf0000e9162e0100e9
timestamp: 2021-01-25 00:49:19

Version Info:

0: [No Data]
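The hashes in File Info are the page's only exact-match indicators. The script below is an added example (not from the page or from CAPE) that computes the same digest set with the Python standard library and compares a suspect file against the record above. ssdeep and TLSH are omitted because they need third-party libraries; the byte string hashed in the `__main__` block is constructed and, correctly, does not match the IOC.

```python
"""Hash-based IOC check (added example): compute the CAPE-style digest set and
compare it against the File Info record from this page."""
import hashlib
import zlib

# IOC record copied from the File Info section above.
IOC = {
    "crc32": "2147C19A",
    "md5": "dc3d6be0901ea8d480657f98a8389ce5",
    "sha1": "88f9ca6eaffcaff5f53d86622fae669833bc57fc",
    "sha256": "74acd05c1c99eb7d3ecc362652e642448f7d09fbdc76633c5fc529dd940bcc4f",
    "sha512": "7ec29f801de2d6058d07c7e4f777eec77d845f4760ee97942a85663433f5faaf"
              "4a02be744b4531be52554b09eff878afaf55d1798ee9832e7d8bba1a566a34ee",
    "sha3_384": "ab12b652f921c7c888a868bb9ae37f12e50e52a22d020876a18a59d7bf1c1015"
                "c5e12780d4bf7d0614cd91f7665786df",
}

def compute_hashes(data: bytes) -> dict:
    """Digest set for an in-memory byte string (hex; crc32 upper-case to
    match the page's formatting, the rest lower-case as hashlib emits them)."""
    return {
        "crc32": f"{zlib.crc32(data) & 0xFFFFFFFF:08X}",
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
        "sha512": hashlib.sha512(data).hexdigest(),
        "sha3_384": hashlib.sha3_384(data).hexdigest(),
    }

def hash_file(path: str, chunk: int = 1 << 20) -> dict:
    """Same digest set, streamed from disk so large files are not read whole."""
    hs = {k: hashlib.new(k) for k in ("md5", "sha1", "sha256", "sha512", "sha3_384")}
    crc = 0
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            crc = zlib.crc32(block, crc)
            for h in hs.values():
                h.update(block)
    out = {k: h.hexdigest() for k, h in hs.items()}
    out["crc32"] = f"{crc & 0xFFFFFFFF:08X}"
    return out

def match_ioc(hashes: dict, ioc: dict = IOC) -> dict:
    """Case-insensitive comparison.  A SHA-2/SHA-3 match is conclusive; a
    crc32-only match is not (32 bits collide easily) and is flagged separately
    so it is not mistaken for a confirmed hit."""
    matched = [k for k in ioc if hashes.get(k, "").lower() == ioc[k].lower()]
    return {
        "matched": matched,
        "confirmed": any(k in matched for k in ("sha256", "sha512", "sha3_384")),
        "weak_only": matched != [] and all(k == "crc32" for k in matched),
    }

if __name__ == "__main__":
    # Constructed stand-in for a suspect file; not the real sample.
    suspect = b"MZ" + bytes(62) + b"not the sample"
    result = match_ioc(compute_hashes(suspect))
    print("matched:", result["matched"], "confirmed:", result["confirmed"])
```

In practice you would call hash_file on the quarantined file and treat `confirmed` as the verdict; an md5 or sha1 match alone is still strong evidence, but the sha256 is the value to quote in a report because it is the one other feeds key on.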

Malware.AI.2002079514 also known as:

Most engines agree on the family: the names cluster around IRCBot/Sdbot/Rbot, a classic IRC-controlled backdoor, and Avast, AVG and McAfee label it with exploit names (CVE-2006-3942, DcomRpc). Machine-learning verdicts such as Malware.AI.*, Wacatac.B!ml and ML.Attribute.HighConfidence are generic and not family-specific.

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.IRCbot.4!c
MicroWorld-eScan: Generic.Sdbot.A31C3C7F
FireEye: Generic.mg.dc3d6be0901ea8d4
McAfee: Exploit-DcomRpc.c.gen
Cylance: unsafe
Zillya: Trojan.IRCBot.Win32.14437
Sangfor: Trojan.Win32.Save.a
K7AntiVirus: Backdoor ( 004bc5ea1 )
Alibaba: Trojan:Win32/IRCbot.47dc1641
K7GW: Backdoor ( 004bc5ea1 )
Cybereason: malicious.eaffca
Cyren: W32/Rbot.E.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (high confidence)
ESET-NOD32: a variant of Win32/IRCBot.NFM
APEX: Malicious
ClamAV: Win.Trojan.Mybot-4324
Kaspersky: HEUR:Trojan.Win32.IRCbot.gen
BitDefender: Generic.Sdbot.A31C3C7F
NANO-Antivirus: Trojan.Win32.IRCbot.iirqal
Avast: Win32:CVE-2006-3942-A [Expl]
Rising: Trojan.KillAV!1.667A (CLASSIC)
Emsisoft: Generic.Sdbot.A31C3C7F (B)
F-Secure: Trojan.TR/IRCbot.svton
DrWeb: WIN.IRC.WORM.Virus
VIPRE: Generic.Sdbot.A31C3C7F
TrendMicro: TROJ_GEN.R002C0PFU23
McAfee-GW-Edition: BehavesLike.Win32.Ransomware.gm
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.IRCBot
GData: Generic.Sdbot.A31C3C7F
Jiangmin: Trojan.IRCBot.ack
Google: Detected
Avira: TR/IRCbot.svton
Antiy-AVL: Trojan/Win32.IRCBot
Xcitium: Malware@#381jhfii9a71t
Arcabit: Generic.Sdbot.A31C3C7F
ZoneAlarm: HEUR:Trojan.Win32.IRCbot.gen
Microsoft: Trojan:Win32/Wacatac.B!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Win32/IRCBot.worm.Gen
VBA32: BScope.Trojan.Khalesi
ALYac: Generic.Sdbot.A31C3C7F
MAX: malware (ai score=100)
Malwarebytes: Malware.AI.2002079514
Panda: Trj/GdSda.A
TrendMicro-HouseCall: TROJ_GEN.R002C0PFU23
Tencent: Win32.Trojan.Ircbot.Mqil
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.121218.susgen
Fortinet: W32/IRCBot.NFM!tr
AVG: Win32:CVE-2006-3942-A [Expl]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.2002079514?

Malware.AI.2002079514 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a "Standard scan".
  • "Move to quarantine" all items.
  • Open the "Tools" tab and press "Reset Browser Settings".
  • Select the proper browser and options, then click "Reset".
  • Restart your computer.

Because this sample copies itself, drops a second binary and changes proxy settings, run a second scan after the restart to confirm that no dropped copy has reappeared, and check that the system proxy setting is what you expect.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
