How to remove “Malware.AI.2021209803”?

Malware.AI.2021209803 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and cure your PC during the trial period.
6-day free trial available.

What can the Malware.AI.2021209803 virus do?

  • A file was accessed within the Public folder.
  • Sample contains Overlay data
  • Uses Windows utilities for basic functionality
  • Reads data out of its own binary image
  • Drops a binary and executes it
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid
  • Uses Windows utilities to create a scheduled task
  • Accessed credential storage registry keys
  • Anomalous binary characteristics
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2021209803?


File Info:

name: A66455AAD74DC7559079.mlw
path: /opt/CAPEv2/storage/binaries/0021302f991549785aea1bf660e444a72cf0dc496e63114ed96a8780ecf9e94d
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2019-01-07 17:20:39

Version Info:

0: [No Data]

Malware.AI.2021209803 also known as:

Bkav: W32.AIDetectMalware
Lionic: Trojan.Win32.Generic.4!c
Malwarebytes: Malware.AI.2021209803
Sangfor: Trojan.Win32.Agent.Vzwk
K7AntiVirus: Riskware ( 0040eff71 )
K7GW: Riskware ( 0040eff71 )
CrowdStrike: win/grayware_confidence_70% (D)
Avast: Win32:Malware-gen
DrWeb: Tool.InstSrv.10
McAfee-GW-Edition: BehavesLike.Win32.Dropper.rc
Google: Detected
Antiy-AVL: Trojan/Win32.Wacatac
ViRobot: Trojan.Win.Z.Wacatac.4928071
Microsoft: Program:Win32/Wacapew.C!ml
Cynet: Malicious (score: 100)
AhnLab-V3: Unwanted/Win32.NSSM.R353938
McAfee: Artemis!A66455AAD74D
Cylance: unsafe
Zoner: Trojan.Win64.84488
Rising: Malware.Undefined!8.C (RDMK:cmRtazp2dCIQT2e9ckYInodpes/W)
Ikarus: Trojan-Ransom.FileCrypter
MaxSecure: Trojan.Malware.216064600.susgen
BitDefenderTheta: Gen:NN.ZexaF.36738.@xW@aKjreyg
AVG: Win32:Malware-gen
DeepInstinct: MALICIOUS

How to remove Malware.AI.2021209803?

Malware.AI.2021209803 removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
