Malware.AI.2012542000 removal instruction

The Malware.AI.2012542000 is considered dangerous by lots of security experts. When this infection is active, you may notice unwanted processes in Task Manager list. In this case, it is adviced to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Gridinsoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. Allows to complete scan and cure your PC during the trial period.

6-day free trial available.

What Malware.AI.2012542000 virus can do?

Sample contains Overlay data
Reads data out of its own binary image
The binary contains an unknown PE section name indicative of packing
Authenticode signature is invalid
Creates DCRat RAT directories and/or files

How to determine Malware.AI.2012542000?


File Info:
name: 3EBCB87DEEA82237C05A.mlw
path: /opt/CAPEv2/storage/binaries/9a9f48a66502a2f9960890f2998598901bc0dab5d97a9ee91863d016b90e1f49
crc32: 2C5AD856
md5: 3ebcb87deea82237c05a6d9a2785783b
sha1: e5db57ec36ecfb1d8518a5d70f539e27c5a3c848
sha256: 9a9f48a66502a2f9960890f2998598901bc0dab5d97a9ee91863d016b90e1f49
sha512: a81153deb9ebcddf210241efa9d023ef1e6309bf5c7b38cd4d0422eadc40d40b2e66dbf4dfe2c1522a52cd67605202a59f610cd7dd857076c67316cdccf42a84
ssdeep: 12288:nsOW6Q4OWz9hPiX+tG6zyHRpH3E3aSkdFg72fSa2RBgascl8XLFu:5W6VXRhP26zyTH0KXvg7XJRBHlaRu
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T175E40201FAD184B2E53319320A39AB11A97DBD301E35DE1FB3D86D2DDA311D0A635BA7
sha3_384: 434d772b78e12ee38198e5cc509c4e2bd5d7a8a5dbabd1a91443ddce5753f7213e7f43f27509123f7b5a9658198af5db
ep_bytes: e89e040000e98efeffff3b0dc8a14300
timestamp: 2018-06-24 15:04:40

Version Info:
0: [No Data]

Malware.AI.2012542000 also known as:

Lionic	Trojan.Win32.Uztuby.4!c
Elastic	malicious (moderate confidence)
MicroWorld-eScan	Trojan.Uztuby.19
FireEye	Trojan.Uztuby.19
Skyhigh	BehavesLike.Win32.Backdoor.bc
ALYac	Trojan.Uztuby.19
Malwarebytes	Malware.AI.2012542000
VIPRE	Trojan.Uztuby.19
Sangfor	Trojan.Win32.Agent.Vvxr
APEX	Malicious
BitDefender	Trojan.Uztuby.19
Avast	Win32:Malware-gen
Sophos	Generic ML PUA (PUA)
F-Secure	Trojan:W32/RARSfx.B
Trapmine	malicious.moderate.ml.score
Emsisoft	Trojan.Uztuby.19 (B)
Ikarus	Trojan.Uztuby
GData	Trojan.Uztuby.19
Varist	W32/S-5f21cf29!Eldorado
ViRobot	Trojan.Win.Z.Uztuby.718852
Cynet	Malicious (score: 100)
AhnLab-V3	Malware/Gen.Generic.C4002636
McAfee	Artemis!3EBCB87DEEA8
Cylance	unsafe
TrendMicro-HouseCall	TROJ_GEN.R002H09GB23
MaxSecure	Trojan.Malware.116318280.susgen
AVG	Win32:Malware-gen
DeepInstinct	MALICIOUS

How to remove Malware.AI.2012542000?

Malware.AI.2012542000 removal tool

Download and install GridinSoft Anti-Malware.
Open GridinSoft Anti-Malware and perform a “Standard scan“.
“Move to quarantine” all items.
Open “Tools” tab – Press “Reset Browser Settings“.
Select proper browser and options – Click “Reset”.
Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.

Leave a Comment X