About the “Malware.AI.2022088425” infection

Malware.AI.2022088425 is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager process list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.

GridinSoft Anti-Malware

Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to run a complete scan and clean your PC during the trial period.
A 6-day free trial is available.

What can the Malware.AI.2022088425 virus do?

  • Behavioural detection: Executable code extraction – unpacking
  • Reads data out of its own binary image
  • CAPE extracted potentially suspicious content
  • The binary contains an unknown PE section name indicative of packing
  • The binary likely contains encrypted or compressed data
  • Authenticode signature is invalid
  • CAPE detected the ModiLoader malware family
  • Touches a file containing cookies, possibly for information gathering
  • Yara rule detections observed from a process memory dump/dropped files/CAPE

How to identify Malware.AI.2022088425?

File Info:

name: E9A80A721124D0B32A3D.mlw
path: /opt/CAPEv2/storage/binaries/58fb3fb48ef9fad1b1db3d84e7319e3536ada43191282424b436d2b426dcff30
crc32: 1C8CBF48
md5: e9a80a721124d0b32a3d29b4f848022c
sha1: e64ff42628b1ecadde366863bacd75ad684abf25
sha256: 58fb3fb48ef9fad1b1db3d84e7319e3536ada43191282424b436d2b426dcff30
sha512: 9b4a81a32586751ed7c613705ed45790fbd430a792858e8719fc64fb631e8852f0c9e90339042db7c8d0e02fd12132bdcbd3f8ce90d2098c3f6a63ecf8da95a4
ssdeep: 12288:vmqWab9vmCM3PYAQ/goAL2k0jluBjXjFhGHxWgyFaB3ZwveR8VOBUGTZL1z559ts:vtWkmdfWvxSr9aBB8sN52OJi
type: PE32 executable (GUI) Intel 80386, for MS Windows
tlsh: T16455D03677811032C256263599AB8B249C39BE103E0865AF77F87DCC7F76683B8161F6
sha3_384: 8a008e55316001b3df9402ab429080bae6a042de3b40607e1cda9acd39de741add6f83f20c47757443a7de1dd172877f
ep_bytes: 558bec83c4f0b8cc4d4700e8e413f9ff
timestamp: 1992-06-19 22:22:17

Version Info:

0: [No Data]

Malware.AI.2022088425 is also known as (vendor: detection name):

Bkav: W32.Common.D518154A
Lionic: Trojan.Win32.Stealer.12!c
Elastic: malicious (high confidence)
MicroWorld-eScan: Gen:Variant.Fragtor.329988
ClamAV: Win.Trojan.Sinowal-9756760-0
FireEye: Generic.mg.e9a80a721124d0b3
ALYac: Gen:Variant.Fragtor.329988
Cylance: unsafe
Zillya: Trojan.Stealer.Win32.129194
Sangfor: Downloader.Win32.Modiloader.Vn2v
K7AntiVirus: Trojan-Downloader ( 005a95431 )
Alibaba: TrojanPSW:Win32/Stealer.d6067b9e
K7GW: Trojan-Downloader ( 005a95431 )
Cyren: W32/ModiLoader.A.gen!Eldorado
Symantec: ML.Attribute.HighConfidence
ESET-NOD32: a variant of Win32/TrojanDownloader.ModiLoader.CW
APEX: Malicious
Cynet: Malicious (score: 99)
Kaspersky: HEUR:Trojan-PSW.Win32.Stealer.gen
BitDefender: Gen:Variant.Fragtor.329988
NANO-Antivirus: Trojan.Win32.Stealer.jyfewk
Avast: Win32:DropperX-gen [Drp]
Tencent: Malware.Win32.Gencirc.11b50df0
TACHYON: Trojan-PWS/W32.DP-InfoStealer.1320448
Emsisoft: Gen:Variant.Fragtor.329988 (B)
F-Secure: Trojan.TR/Redcap.jhxhc
VIPRE: Gen:Variant.Fragtor.329988
TrendMicro: TROJ_GEN.R002C0DH223
McAfee-GW-Edition: BehavesLike.Win32.Worm.th
Sophos: Mal/Generic-S
Ikarus: Trojan.Win32.Injector
GData: Gen:Variant.Fragtor.329988
Webroot: W32.Trojan.Sinowal
Avira: TR/Redcap.jhxhc
Antiy-AVL: Trojan[Downloader]/Win32.Modiloader
Xcitium: Malware@#1xdsciejydpm3
Arcabit: Trojan.Fragtor.D50904
ViRobot: Trojan.Win.Z.Modiloader.1320448.A
ZoneAlarm: HEUR:Trojan-PSW.Win32.Stealer.gen
Microsoft: Trojan:Win32/Leonem
Google: Detected
AhnLab-V3: Trojan/Win.Generic.R594161
McAfee: Artemis!E9A80A721124
MAX: malware (ai score=83)
VBA32: Malware-Cryptor.Inject.gen
Malwarebytes: Malware.AI.2022088425
Panda: Trj/Chgt.AD
TrendMicro-HouseCall: TROJ_GEN.R002C0DH223
Rising: Downloader.Agent!1.E646 (CLASSIC)
Yandex: Trojan.Igent.b0B7Jr.1
SentinelOne: Static AI – Suspicious PE
MaxSecure: Trojan.Malware.73788987.susgen
Fortinet: W32/ModiLoader.VT!tr
AVG: Win32:DropperX-gen [Drp]
DeepInstinct: MALICIOUS
CrowdStrike: win/malicious_confidence_100% (W)

How to remove Malware.AI.2022088425?

Malware.AI.2022088425 removal steps:
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • Choose “Move to quarantine” for all detected items.
  • Open the “Tools” tab and press “Reset Browser Settings”.
  • Select the proper browser and options, then click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.